NEAS[.]26cefcdbaaf8703396dd0c54edaa6240_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.26cefcdbaaf8703396dd0c54edaa6240_JC.exe
Size

119KB
MD5

26cefcdbaaf8703396dd0c54edaa6240
SHA1

2b126b6b31e4db2a7c91085b05e18e74b3c932f5
SHA256

81890ee47ddc0a13758cfe7b745bee0094871d92a6b4fd1ed6002f91b392e46c
SHA512

e39e5c73b637e692f06164ee38f8fc907b3fd4f3fcdfce24588849edbdf956d13b50b1ae25113d9504b73f7e2d2d627f1f5586990d30f323024085603669981a
SSDEEP

3072:a0Jm5f4YXc7LIEacGWGhUQY0VEoGXrGruV2AiV:5AQSccwGFVQbG6YD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.26cefcdbaaf8703396dd0c54edaa6240_JC.exe

Files

NEAS.26cefcdbaaf8703396dd0c54edaa6240_JC.exe
.exe windows:4 windows x86

4e3e9f1eee3049843f4b11bcc40f1e88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BasepSetFileEncryptionCompression
SetFileValidData
UnregisterApplicationRecoveryCallback
SetDllDirectoryA
GetConsoleFontSize
WerRegisterFileWorker
GetFileBandwidthReservation
BasepCheckAppCompat
AddRefActCtxWorker

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE