NEAS[.]3b79b70d16b676aae89f95e2bdea1dd0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3b79b70d16b676aae89f95e2bdea1dd0_JC.exe
Size

3KB
MD5

3b79b70d16b676aae89f95e2bdea1dd0
SHA1

91a91c891c3c6f91379001bf73c1d12d736a4c8d
SHA256

5b15acdeab145ea0e42ef7b8a938aefbb440718ead255f6f6dedc802e05b7e9a
SHA512

cf147610b0dfc871798c27b76b1a64a2d55a40878ecbec1493d314075c0445806b026534ded488ab3ca5e1de409c22ae5a05ef23b32423b44acb84e6e7842c08

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3b79b70d16b676aae89f95e2bdea1dd0_JC.exe

Files

NEAS.3b79b70d16b676aae89f95e2bdea1dd0_JC.exe
.dll windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AbortSystemShutdownW
InitiateSystemShutdownExW
LookupAccountNameW
LookupAccountSidW
LookupPrivilegeDisplayNameW
LookupPrivilegeNameW
LookupPrivilegeValueW
LsaEnumerateTrustedDomains
LsaManageSidNameMapping

Sections

.text
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ