NEAS[.]d16df351c7860e3b277b40c8c411fac0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d16df351c7860e3b277b40c8c411fac0_JC.exe
Size

5KB
MD5

d16df351c7860e3b277b40c8c411fac0
SHA1

4b5ce2b4522e03dc215d6ed9070ec94c03e2e80a
SHA256

449a1acc00e69aea59996e4c7a512134cddcf5f5e829d2a6a83c9308aa9d2907
SHA512

56937a86df0f674f1cf4db115ef057a4444f4d2e0cb63d6c2fe7e2c674e5c75c6e0a8769dba21bfa9e255a11bb816e645efdc315363c3014905e890b89d55116
SSDEEP

96:ptHvdXbqGIxVNYGpwD9nOmnddoTrkHs3RtRzorpN:DvdXZsVWzBnOmuhHzorpN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d16df351c7860e3b277b40c8c411fac0_JC.exe

Files

NEAS.d16df351c7860e3b277b40c8c411fac0_JC.exe
.exe windows:4 windows x64

86689e36ce122bde0dd93c7847c287c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetSystemTime
Sleep
ExpandEnvironmentStringsA

msvcrt

memmove
printf
system
_vsnprintf
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

urlmon

URLDownloadToFileA

snmpapi

SnmpUtilOctetsCpy
SnmpUtilOctetsFree
SnmpUtilOidCpy
SnmpUtilOidFree
SnmpUtilPrintOid
SnmpUtilMemFree
SnmpUtilMemReAlloc
SnmpSvcGetUptime
SnmpUtilOidNCmp
SnmpUtilOctetsNCmp

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ