NEAS[.]4d07fe232f5120c5f8f2bb8089da9ca0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4d07fe232f5120c5f8f2bb8089da9ca0_JC.exe
Size

119KB
MD5

4d07fe232f5120c5f8f2bb8089da9ca0
SHA1

b73eee1a6e52bb1795626de27188940ad5f7e6b2
SHA256

d6307b1c17479d431824bdf9019dd4a29ea23f685f66f04073bdd9d73ee4dcc3
SHA512

53ed8874babcaa424c6554a1ecf0eeaf3563ac5e464f7084736daf4736e50eb57eb448f8d8531bef65c6950fe051aa5e8720135a012d99adc60bcad4353d2221
SSDEEP

1536:pDe3aXeLiNHm/sGUhoQU53vP/kuXe6pFt+XzESmZwUVrYRhCQNX75W24PapN+8qU:HOLeK753fre6pyYSmZeEMW24PqN5Z7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4d07fe232f5120c5f8f2bb8089da9ca0_JC.exe

Files

NEAS.4d07fe232f5120c5f8f2bb8089da9ca0_JC.exe
.exe windows:4 windows x86

c860e7f33edea338803299dc63339468

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RestoreLastError
GetDateFormatA
DeleteTimerQueueEx
OpenFileMappingW
NlsEventDataDescCreate
GetNLSVersionEx
Wow64Transition
GetProcessGroupAffinity
SetConsolePalette
ChangeTimerQueueTimer
DisconnectNamedPipe

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE