NEAS[.]c935eb25947409634a5a3c06df573110_JC[.]exe | Triage

Sharing

General

Target

NEAS.c935eb25947409634a5a3c06df573110_JC.exe
Size

5KB
MD5

c935eb25947409634a5a3c06df573110
SHA1

7caf8a7640a1d9b77095eb06bc3684d4dacd4c79
SHA256

aee1cc4fca77ad9df0917a18b792ceffa72d8616f400b7c1b1ecf8b4cffddc8e
SHA512

92934e2baefaefff2c9601a4311614491ab9b9e81b8e3f6e2007ec13c16e17662caed979e59461449b308d90ba36cf82b829494793d1e07ea97a38d41d9f6303
SSDEEP

48:6OsOtHYWXQWfYpTE6cW9cZNDFCzuVBQTjONpTrg7AARARw9orw4Lf:tZtHNXQSYBvcHV2kuTjOHTr/44kor

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c935eb25947409634a5a3c06df573110_JC.exe

Files

NEAS.c935eb25947409634a5a3c06df573110_JC.exe
.exe windows:4 windows x64

f03b26c7ad95f662ab116070ef30bd39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetSystemTime
Sleep
ExpandEnvironmentStringsA

msvcrt

memmove
printf
system
_vsnprintf
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

urlmon

URLDownloadToFileA

snmpapi

SnmpUtilOctetsCpy
SnmpUtilOidAppend
SnmpUtilOidFree
SnmpUtilPrintOid
SnmpUtilPrintAsnAny
SnmpUtilMemReAlloc
SnmpUtilOctetsNCmp

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ