NEAS[.]7c934f8b344d866068d02341724ecfc0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.7c934f8b344d866068d02341724ecfc0_JC.exe
Size

119KB
MD5

7c934f8b344d866068d02341724ecfc0
SHA1

ce87b1ce72607bf7a6359618b0e8870052538fcf
SHA256

1e04ed95910706a6de82e8d865f3e5d47b067d57080185d2957a128c3cd851d1
SHA512

efccf2812c13143fa8d6569224dee53643adb02b4641889a34a8fcaaff288645e929c6844bb5a19805d0d994e4e79a995dcc7cce8a88302b21b98c2746c043ed
SSDEEP

3072:YH5VChGC4qRa3nrpuC/Y3rABx6eNDrKtLhVslF/TuhK:OErTonFn/KrAv7utVsrTuI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.7c934f8b344d866068d02341724ecfc0_JC.exe

Files

NEAS.7c934f8b344d866068d02341724ecfc0_JC.exe
.exe windows:4 windows x86

d8f200032bec6100e1379c18419768af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

NlsUpdateSystemLocale
GetConsoleAliasExesLengthA
GetConsoleCommandHistoryLengthW
ZombifyActCtx
EnumSystemLanguageGroupsA
SetThreadPreferredUILanguages
ConvertThreadToFiber
SetProcessWorkingSetSizeEx
GetConsoleOriginalTitleA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE