NEAS[.]646876bbdf0ee46214d61691c3a755c0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.646876bbdf0ee46214d61691c3a755c0_JC.exe
Size

1.5MB
MD5

646876bbdf0ee46214d61691c3a755c0
SHA1

83760f088505a8922be1f27d445160ae29ccdd2b
SHA256

559c7a0ed25e72a166824ba735592bea6e96f2d48d2f2ef5f01badc32e48c614
SHA512

d85fbed4d0eb72a07e3da62a49ee8b257a3bc420e3e46b9f50ebda73b8691c1b7f6cc735f15688de52b50bea9bdcd6de349529b91c9474964a6ac64b0ead2981
SSDEEP

24576:qKSKASG41F7LHOShpiX6ukpO12CesmCpvbAR3PmZux7DD32rcV+e0qR9rFeKD+yN:qKSFOfLHnri/sO12DYmGEDmYA3q/RDNJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.646876bbdf0ee46214d61691c3a755c0_JC.exe

Files

NEAS.646876bbdf0ee46214d61691c3a755c0_JC.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.textbss
Size: - Virtual size: 907KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 987B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ