NEAS[.]14c87afbbf377732ded1f2119b8780e0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.14c87afbbf377732ded1f2119b8780e0_JC.exe
Size

186KB
MD5

14c87afbbf377732ded1f2119b8780e0
SHA1

bc6d7d04271afab84891d6825cf4fac122471f40
SHA256

e355f5c9f13cbdbe384495ec4276481c657c5ab6e79c00bfb256f10f084ffaf9
SHA512

05295dbd7469a94a2fc84cd39729bf3b8adcc6df800dff60456f6eb49203611535ae7011c74aa80401172a14268103d5434a97f4c72da401ee0e014c014dc45c
SSDEEP

3072:z7ZYU3chQcvr9MTHSvTqqjaDAvWaU0pzcf5VKk6u/dcSdT0LH6Tt/Qw2jJ60YiDO:nZLczpTtJuaHFcf5VKpcbdT0Oh/QjTYT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.14c87afbbf377732ded1f2119b8780e0_JC.exe

Files

NEAS.14c87afbbf377732ded1f2119b8780e0_JC.exe
.exe windows:4 windows x86

75a1e6a90e23970ef6a8bc4ab266ec6d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

winmm

mciSendCommandA
sndPlaySoundA

kernel32

IsDebuggerPresent
Sleep
GetACP
GetLocaleInfoW
GetAtomNameW
QueryPerformanceCounter
UnhandledExceptionFilter
lstrlenW
GetTickCount
SetUnhandledExceptionFilter
InterlockedExchange
GetStartupInfoW
GetEnvironmentVariableW
EnumResourceNamesA
LocalAlloc
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
QueryMemoryResourceNotification
InterlockedCompareExchange
WideCharToMultiByte
RaiseException
GetModuleHandleW
lstrlenA
CreateProcessW
MultiByteToWideChar
GetSystemTimeAsFileTime
TerminateProcess
GetThreadLocale

shlwapi

PathAddBackslashA

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ