NEAS[.]767ff3065d56d476b2b7e62f14693dc0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.767ff3065d56d476b2b7e62f14693dc0_JC.exe
Size

165KB
MD5

767ff3065d56d476b2b7e62f14693dc0
SHA1

713a2f8665b457b475ab4018df64d288a3a60673
SHA256

69ecc477132e86d7445cc8947e5805e4dd716af0bf7bb0b9cd709d0a6f21afb0
SHA512

352295bd1e8bd8deef623429fa581d88021c714ad5bd613c31992c53ef539aee8b20c82de1759ad55cab69f57c66dfb6e4a4b2852fd6bef9789820579160a6ed
SSDEEP

3072:/+aqLIHL0JP3lf6/+xtcxpWloCEjh9MYSsBRQ:/BCfP1i2xkpYEt993Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.767ff3065d56d476b2b7e62f14693dc0_JC.exe

Files

NEAS.767ff3065d56d476b2b7e62f14693dc0_JC.exe
.dll windows:1 windows x86

425b80e51bdb47f1940f2d6610dfd81f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
GetCurrentProcess
ReadProcessMemory
WriteProcessMemory
ExitProcess
CreateFileA
WriteFile
CloseHandle
SetFilePointer
GetTickCount

user32

MessageBoxA
wsprintfA

Exports

Exports

GameMain

Sections

data
Size: 592B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

code
Size: 1009B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IMPORTS
Size: 78B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

imports
Size: 418B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

exports
Size: 68B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

relocs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE