NEAS[.]60727abbfa74ced71fc4e41142373190_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.60727abbfa74ced71fc4e41142373190_JC.exe
Size

119KB
MD5

60727abbfa74ced71fc4e41142373190
SHA1

51832a0945b04923e38d1159ba7e3bd0a579c80b
SHA256

e9d242d7a2478e05be9d7a3d4fc606a40d7d84d81752fc1a56c20e04de7b7f95
SHA512

17fa1def39c8c81df94aef1f6774bda2ded9703980791165719f3705dd0c6b6d6b10ff205c15f89a913f4392a87b8bed99b0a9558539e5ef3e1ee6589609273a
SSDEEP

3072:V3k2olhF+taNkufsBc9y/Q1ETay4nRtuOJglIvgc3x:Zk2YhjvIj8GavRYog2vg+x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.60727abbfa74ced71fc4e41142373190_JC.exe

Files

NEAS.60727abbfa74ced71fc4e41142373190_JC.exe
.exe windows:4 windows x86

ee2386bc683e8cafe1ceace95550fd1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeW
MapViewOfFile
RemoveLocalAlternateComputerNameW
SetStdHandle
WerSetFlags
RegDeleteValueW
SetEvent
NormalizeString
GetThreadPriorityBoost
EnumResourceLanguagesExW
SetFileValidData

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE