NEAS[.]8f68d9e5966a400928543bd5d7117460_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.8f68d9e5966a400928543bd5d7117460_JC.exe
Size

2.4MB
MD5

8f68d9e5966a400928543bd5d7117460
SHA1

7b5ba0fca329c2606b8293a2548ec9ac3418a697
SHA256

2cae5b9430afd6a39c5742c47d040e6d46e36344dffc08baf01334270a988667
SHA512

52b7473d4e329e33b538e9c4fb554d4b1c52ffead3a6a0ccaa553b45a77c109074be5291318bffb496a0941d144bcf64b77d17eb576ce485b931a2bb078c9610
SSDEEP

49152:Ybr8GFjNgqrJgI14hRhnPX4FP/n+qqvRzppvwNRcqR2n2vu:Ybr8GFprhqRhPX4ln+qyRbYNRcqR2n2G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8f68d9e5966a400928543bd5d7117460_JC.exe

Files

NEAS.8f68d9e5966a400928543bd5d7117460_JC.exe
.exe windows:4 windows x86

bb96b3ac5bdd07f05330f8e52391c611

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocalTime

Sections

Size: 84KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lvaoctvr
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nwijhmrw
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE