NEAS[.]20d99c4731384209c480fe81145faf10_JC[.]exe | Triage

Sharing

General

Target

NEAS.20d99c4731384209c480fe81145faf10_JC.exe
Size

119KB
MD5

20d99c4731384209c480fe81145faf10
SHA1

d44e6e89e2456773f51dbc230d7d88e33f599e26
SHA256

5c0bdf2af320c6779bb1d1c2c72b381f5babe008bb0bea416573d2661e04a866
SHA512

37f20b855690e9710eaa94ae212f19b05e2d5d4c26a2c046bf92e1dafd17ea3c8dff01b17d613c45ef8a699774e8037818cfe9f1b44469a1f0e0dcdb63394a59
SSDEEP

1536:FLaWusI6vXiuVocytHQvxZ8TqgrMIq4ZXMifYGbbdVCVVRuv7rPwwNfQyuVf8Ndh:d+6vXGcYHUerPXMifY6dMDYPVkfwhpok

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.20d99c4731384209c480fe81145faf10_JC.exe

Files

NEAS.20d99c4731384209c480fe81145faf10_JC.exe
.exe windows:4 windows x86

c33276505a90a1718f71e492cf45b052

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCommandHistoryLengthW
FreeLibraryAndExitThread
ChangeTimerQueueTimer
CreateProcessW
IsSystemResumeAutomatic
ReadProcessMemory
GetFinalPathNameByHandleW
SetConsoleOS2OemFormat
RemoveLocalAlternateComputerNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE