NEAS[.]1443988e0979c5c7de226326a1ab7a90_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1443988e0979c5c7de226326a1ab7a90_JC.exe
Size

56KB
MD5

1443988e0979c5c7de226326a1ab7a90
SHA1

ba6b40b07f9576be66ccf4dca7353dd7177af130
SHA256

25728e43b46ae9f637e7d74cb2b2a5d485181e2347e4d5979846bd30d4f33450
SHA512

8344d3703e58f6d6d1deb8a79d60fa208aa849636f99276ad44cae7f9fd7737e2f84e0fd31e12562930215a526f2b1cfc95259796421e5d3543af04c2c144d50
SSDEEP

1536:PW7dg3hROw4AU3dF6nU0NqYHnQxhG9oLqc7C54:Pwg3D4AU32nU0Nq2QhDLq154

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1443988e0979c5c7de226326a1ab7a90_JC.exe

Files

NEAS.1443988e0979c5c7de226326a1ab7a90_JC.exe
.exe windows:4 windows x86

29bd2743490689200c6b63a242511981

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumberOfConsoleInputEvents
GetWriteWatch
BaseProcessInitPostImport
WriteConsoleOutputA
SetVolumeLabelA
GetEnvironmentStringsW
SetFirmwareEnvironmentVariableA
EnumResourceNamesW
SetFileTime
FindNextVolumeMountPointA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE