NEAS[.]139e6aad9a1b897b41b62e3e18485140_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.139e6aad9a1b897b41b62e3e18485140_JC.exe
Size

100KB
MD5

139e6aad9a1b897b41b62e3e18485140
SHA1

d1e8438c8745c8218b6c9435be3ad4d0c8257063
SHA256

bea71079036416155fddd8b9673fbe479b980f2a6c30130fd50be3f9d18f024e
SHA512

01ab760c31afdfc65480b4c066eafc961243a034039fefff7a3324b9e49e4314e48604a32b96cb6fca924101d8a93c9c6953fbe9464c012a47e907da36828004
SSDEEP

3072:3MjjeSsGTGdtjB+oU8g41LWP916W4CEc4IvSJjp:3MnTA2Ae6WnST

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.139e6aad9a1b897b41b62e3e18485140_JC.exe

Files

NEAS.139e6aad9a1b897b41b62e3e18485140_JC.exe
.exe windows:4 windows x86

1c0efacf0bdde07407a113bf71037ab2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCommandHistoryW
InitializeCriticalSectionAndSpinCount
SetCommBreak
SetSystemTime
GetStartupInfoA
SetSystemPowerState
GetNumberFormatA
BuildCommDCBA
HeapCompact
ReadConsoleOutputCharacterA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 76KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE