NEAS[.]840d31a00e38fbc2690d6699eeff61f0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.840d31a00e38fbc2690d6699eeff61f0_JC.exe
Size

119KB
MD5

840d31a00e38fbc2690d6699eeff61f0
SHA1

349bb1212aa462b2a9ab8ed9b0e250ad07b65f2a
SHA256

b1d72ada0689fa9d11ab1e6921e64852ab5060f9da8c912d5f44bc30b54bd31c
SHA512

a5a83ad8a9d5a58c9002d37170042b297cbbbb3d8e985d3545221540769219f6daa2374877ab1777b2cfdcd0ea6fbb985b29b979a3724c6997d93088c66b9e7d
SSDEEP

1536:pz07vLSE18YHZmDRdtBTBO3tqcoSSq+2rVozZM8cocG/0KXr1vK78P/s0Xx/sfoz:OtSL9BqtqcnCzZl93Xr5K783XhdKy9P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.840d31a00e38fbc2690d6699eeff61f0_JC.exe

Files

NEAS.840d31a00e38fbc2690d6699eeff61f0_JC.exe
.exe windows:4 windows x86

a25f79d6733c9bfbe660e49b3adad8b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallbackMayRunLong
_lread
lstrcpyn
EnumerateLocalComputerNamesA
GetAppContainerNamedObjectPath
CreatePrivateNamespaceA
DeleteAtom
GetTempFileNameW
Module32FirstW
GetSystemDefaultLocaleName

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE