NEAS[.]c5e6d8690fb40fa53500a87cbc31eac0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c5e6d8690fb40fa53500a87cbc31eac0_JC.exe
Size

119KB
MD5

c5e6d8690fb40fa53500a87cbc31eac0
SHA1

2ea656b4fe24687d8b3b98a55baed7684cc2140d
SHA256

615030c1906a2ed4b5b5d3c3e9abac0fb63928c5f68ae2a083675c43fc770544
SHA512

57531c8f873351c78dd9157faeda7e41f564d1a739585d5372c2a160ba959330fc7d1f0b35ccd8ea5d993c1450856fe640e0572d3a8465cf7f019f79b78789b5
SSDEEP

3072:VUejqxNibLlD5bu36fH7pDvZeHErT7lAaI/TUu:VAPibL7BbpDR2WO/Yu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c5e6d8690fb40fa53500a87cbc31eac0_JC.exe

Files

NEAS.c5e6d8690fb40fa53500a87cbc31eac0_JC.exe
.exe windows:4 windows x86

fd93fa3a19fba710fb6d74c67379e346

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileShortNameA
FormatMessageW
_lwrite
SetConsoleHardwareState
BasepCheckAppCompat
lstrcpyW
CreateSemaphoreW
UpdateResourceW
VirtualUnlock
WaitNamedPipeA
GetNumaHighestNodeNumber
IdnToNameprepUnicode

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE