NEAS[.]6e65d8b2d27991d3166f881c12cdc0fa2e541f21e71029748caba9842be2995cexe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6e65d8b2d27991d3166f881c12cdc0fa2e541f21e71029748caba9842be2995cexe_JC.exe
Size

3.5MB
MD5

ab174d3e5a2ee42b251762803326df17
SHA1

b7a3e13484273bedbb9a253ab71cc0ce2cdcfbb6
SHA256

6e65d8b2d27991d3166f881c12cdc0fa2e541f21e71029748caba9842be2995c
SHA512

fa37b20431846f42f68d40c2c85647654a9537f029cbc61bd795aa86d5d953e55fd1b8a33753f298deca4e1f758ec22d2780bd99bbf845b9d3b62f299ffd7f60
SSDEEP

49152:C+LmGoA/WQmq1pbx5LPuG7zgTob7PSBk8PeTEJCaxudhT:ChtyWLSx5a4zgc7PknWoEuudhT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6e65d8b2d27991d3166f881c12cdc0fa2e541f21e71029748caba9842be2995cexe_JC.exe

Files

NEAS.6e65d8b2d27991d3166f881c12cdc0fa2e541f21e71029748caba9842be2995cexe_JC.exe
.exe windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 772KB - Virtual size: 771KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ