NEAS[.]388ac25bdb5bfed32cd3f26a596ddd10_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.388ac25bdb5bfed32cd3f26a596ddd10_JC.exe
Size

119KB
MD5

388ac25bdb5bfed32cd3f26a596ddd10
SHA1

4843fcbd0c4bb082f51fcf3a77811999fc53b9a4
SHA256

00daeb270f13cb7c95f6007f38dea8480a65eb27bac936bc78f9aa24963c619d
SHA512

563ce71b11474c6cda930c9616c7e86ad9d391fea67779f0c430c516e979cdd4fe31b144865e8e8b231c12cf2f93ff5c88a594bdd6e86fd5082a169eee481a5e
SSDEEP

3072:P+X1CMYNe4pPrnD3P9uGdt6ukSCQu54rvIckg1loSrnd:dMb4ZD3PMGdHO5mIzgDoSR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.388ac25bdb5bfed32cd3f26a596ddd10_JC.exe

Files

NEAS.388ac25bdb5bfed32cd3f26a596ddd10_JC.exe
.exe windows:4 windows x86

08f63de9e790adb02aa01c38295e7b1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocaleName
SetConsoleFont
QueryActCtxWWorker
ExitVDM
FatalExit
PssWalkMarkerSeek
GetFileSize
CreateThreadpoolTimer
GetStartupInfoA
SleepConditionVariableSRW
EnumCalendarInfoExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE