NEAS[.]4ad95dc501b7edcb9e880e6a00c178b0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4ad95dc501b7edcb9e880e6a00c178b0_JC.exe
Size

119KB
MD5

4ad95dc501b7edcb9e880e6a00c178b0
SHA1

5b741bd8168d3f0347e875fc4f1d2c22ddd0f1d6
SHA256

de48d7d86a64c6c608cb2062efb369661b63c3810b807404da0ee4b26ed76a01
SHA512

bce178ee6babc510e427677138a4b9c3c5741a3ebe65e860c9dde84b79652ece43e517de7a9cd970441c8799b4f9d0be872a18bda36c2dd8806c7402fc9a1cfc
SSDEEP

3072:ajAOcX404GjAznSTTuMzSYGVGsaRz2H4bIBqEWaZ:a8V4GjkquMzOaxb6AaZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4ad95dc501b7edcb9e880e6a00c178b0_JC.exe

Files

NEAS.4ad95dc501b7edcb9e880e6a00c178b0_JC.exe
.exe windows:4 windows x86

a81824dcf7f09758db4429de4ca851eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionEx
OpenThreadToken
ReleaseActCtxWorker
TlsFree
FlushInstructionCache
GetConsoleKeyboardLayoutNameA
AddRefActCtxWorker
InitializeContext
HeapFree
OpenThread
ReadConsoleInputExA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE