NEAS[.]d8a8b56cdc8da28819f20fd8af683d50_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d8a8b56cdc8da28819f20fd8af683d50_JC.exe
Size

119KB
MD5

d8a8b56cdc8da28819f20fd8af683d50
SHA1

0be48c9788af3750ae87c69703d39f51e3518ee9
SHA256

dd8719d384c4d5fc749807ddbcdce3955778edb7607e75581a1c2c5b2263a562
SHA512

abe3ba5ca6dd4684236c5540c15a8be4585bb64218bd1b2845dfbcc6c11aafcfe2556779f28671a67c08bc4e31d8f89e94c8e2fae9c0fab24944f762d46a7ba8
SSDEEP

3072:ZT3ez4DHTVSrBfC86RdjxKKUcLLMCWhZLiMD2z6+s:N304TTVSrlSHK04NLL1Dm6f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d8a8b56cdc8da28819f20fd8af683d50_JC.exe

Files

NEAS.d8a8b56cdc8da28819f20fd8af683d50_JC.exe
.exe windows:4 windows x86

cf0f0f873984b5131acbe8055beecb65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePrivateNamespaceA
LZInit
GetSystemFileCacheSize
GetCommTimeouts
WerpGetDebugger
ReleaseActCtx
QueryActCtxSettingsW
GetConsoleScreenBufferInfo
GetSystemTimeAsFileTime
FreeLibraryAndExitThread

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE