NEAS[.]7b62b21ea43eacb1539b2b040b187740_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.7b62b21ea43eacb1539b2b040b187740_JC.exe
Size

98KB
MD5

7b62b21ea43eacb1539b2b040b187740
SHA1

5e527b884deb91352023b4effbcc5dc32d3ae124
SHA256

6885ef091e2ac18f5043721527219b47ed0caa073bdcba0402cb6f4deb78416e
SHA512

05ee704e6be6c5bef5ab4f64299d9911c87be08684f80d82970fcc4ef7cb885f2e3bc0c99a494dbf0948173811f218eea04d64019d1ea53e2ac7dc7663272872
SSDEEP

1536:1eXk3ATD6iSN9KMWXa7dRSTZN1FmqdOHk8o0baCBAue026xKmZedV5vRZshci8ZL:1STD6z4Fa7ONCwwBAuebqCd/sKomH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.7b62b21ea43eacb1539b2b040b187740_JC.exe

Files

NEAS.7b62b21ea43eacb1539b2b040b187740_JC.exe
.exe windows:5 windows x86

99d5d54226d07fdab82543b1f9742b22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

GetDC

advapi32

RegCloseKey

shell32

ShellExecuteW

ws2_32

gethostbyname

iphlpapi

GetAdaptersAddresses

oleacc

LresultFromObject

gdi32

SaveDC

winspool.drv

OpenPrinterW

oleaut32

VariantClear

Sections

dssdffff
Size: - Virtual size: 276KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dssdffff
Size: 96KB - Virtual size: 100KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE