NEAS[.]a7b060ca8031d471f90537fe48019340_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a7b060ca8031d471f90537fe48019340_JC.exe
Size

119KB
MD5

a7b060ca8031d471f90537fe48019340
SHA1

5afd063a5ca89b436e2aabd64a05f829e8b3a5c5
SHA256

51b77573015758ebbac05672adbd44408e3890d39fc96baf3e972f831b15df3e
SHA512

8daa2c94e74680dd9541b68e01124122d71506fd052f7420d90ab07b176b154d889fe11430ee9adfc66e2c3606d8649a2d1460d528cd49c4b288876ec4267888
SSDEEP

3072:G/Sz8Q73GX93hV2oM47XRSCWY3xKSlpl5AopWL:ESl3gDV2AbRy0Npr5YL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a7b060ca8031d471f90537fe48019340_JC.exe

Files

NEAS.a7b060ca8031d471f90537fe48019340_JC.exe
.exe windows:4 windows x86

713fddb289fd7e87383de88e5b83f94a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCommandHistoryA
BasepQueryModuleChpeSettings
GetConsoleAliasExesW
RegDeleteKeyExA
WerRegisterCustomMetadata
UnlockFile
LocalSize
CreateNamedPipeW
GetThreadSelectedCpuSets
UnlockFileEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE