NEAS[.]13810dc73ee23f50b7844bb592b961a0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.13810dc73ee23f50b7844bb592b961a0_JC.exe
Size

62KB
MD5

13810dc73ee23f50b7844bb592b961a0
SHA1

451c9971aea63b196bd3fb2af66fbc48eda3c182
SHA256

a5f455bde56073cd51fe5b87f73f6d862a991d84b9778af6f6a32357b562baa8
SHA512

b6c340b3e124f67f2fdc42b089e10e436c8cd106b00e2e3bb35f79a591dbfc2d106abc8f0fcce23c888a8cd53d9929e48c82be4c8d0be11444f157ca26312a32
SSDEEP

1536:ta8lan4PYLABPyNBhuxo9u7uXKv82JQjKwaqxGtg+0T:Da4Pfy7h/9jK/JQuw97+0T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.13810dc73ee23f50b7844bb592b961a0_JC.exe

Files

NEAS.13810dc73ee23f50b7844bb592b961a0_JC.exe
.exe windows:4 windows x86

033021ce7a396a445a3b414d2ab31120

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FoldStringA
WriteConsoleInputVDMW
DeleteTimerQueueTimer
EndUpdateResourceW
BaseCleanupAppcompatCacheSupport
QueueUserAPC
IsBadCodePtr
SetConsoleTitleA
GetCurrentProcessId
EnumSystemCodePagesA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE