NEAS[.]1052a49e9a9c2f90790fcdbfbe557110_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1052a49e9a9c2f90790fcdbfbe557110_JC.exe
Size

119KB
MD5

1052a49e9a9c2f90790fcdbfbe557110
SHA1

a2b9e49454e9c2fda37a5a30393bd0919b6623ef
SHA256

53c0ba2a4dd91aaf4dd5038135ab5d9993d3a82aae7a5ed2e79ca2ed34f0c18d
SHA512

b9e43eaacba4e16bc21ae9fcb6b9f51bd274e6bbb8ac2b3c0cea5b0d8b15774884800a1bb256f11056caf21e12203b8eb2147765c81dcb2f1c70c0a94d27302c
SSDEEP

3072:81VWLnJd2aQSvPVYOJ/mb/N1dvH/okQYTyWlRF:0cnJd2NSvPdJ/mb/N1dvH3QYGqn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1052a49e9a9c2f90790fcdbfbe557110_JC.exe

Files

NEAS.1052a49e9a9c2f90790fcdbfbe557110_JC.exe
.exe windows:4 windows x86

48071a8ed1b83602b01265265e99699b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Thread32First
SetConsoleTitleW
FindResourceA
SetXStateFeaturesMask
GetFileInformationByHandleEx
TermsrvSyncUserIniFileExt
SortCloseHandle
CloseThreadpoolWait
Module32Next
SetComPlusPackageInstallStatus

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE