NEAS[.]4bb1cd0c363478c22f4258d097458190_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4bb1cd0c363478c22f4258d097458190_JC.exe
Size

226KB
MD5

4bb1cd0c363478c22f4258d097458190
SHA1

5325746665b3085519b7d4ad085dceef040e9d46
SHA256

182899ad7da1046f0f8992b643444e0f9cc0b9c16ef4d1c2fcf9ec545cd69ecb
SHA512

ed8ac692af94464946045beeaaeb2dad716924450521308313244ea5630073a583250e1363d67719b93c58111ddd061b084c0cdcb3057572d0def961b2620a70
SSDEEP

3072:06S2HiB/oEhc5CxS6v99fYkaaToxdgNZpseUkQfK:06niBl0CxS6v99fYRaUvgNPse4K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4bb1cd0c363478c22f4258d097458190_JC.exe

Files

NEAS.4bb1cd0c363478c22f4258d097458190_JC.exe
.exe windows:5 windows x86

a3afef9d05d508e393368b67ae698870

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCursorInfo
HeapFree
HeapAlloc
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetProcessHeap
GetSystemInfo
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
IsDebuggerPresent

user32

GetSystemMenu
GetSystemMetrics

gdi32

GetSystemPaletteEntries

Sections

.text
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ckaFBBzE
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IBInOzPT
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.92843
Size: 1024B - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ