NEAS[.]2c6967d66190a993040f14e8661ce790_JC[.]exe | Triage

Sharing

General

Target

NEAS.2c6967d66190a993040f14e8661ce790_JC.exe
Size

119KB
MD5

2c6967d66190a993040f14e8661ce790
SHA1

ff9fb6fd975c506ccc5f31043bceb47081eaddfd
SHA256

ee7d492d8835cbbbcc138f3a7d9df6ea50e750ed6bc58d48d6f5d414377b01f8
SHA512

c4e0f1ae1076b8f829ffa197f5fcdc3c1d7352b0b3d22a0032e57cce08f665daaecf3d6db02a8685f2ada3b11bf6281fc14439b3318f1e83d271fdb857ca4f4c
SSDEEP

3072:SNa2iDfjoNq+U7rjbcxWKMeLge8XSI/1yxLipHI8:d2sQq+Awx5MfX71hpj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2c6967d66190a993040f14e8661ce790_JC.exe

Files

NEAS.2c6967d66190a993040f14e8661ce790_JC.exe
.exe windows:4 windows x86

a29311a6ec81b4e9085735816fe05171

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemPreferredUILanguages
VirtualUnlock
CreateSemaphoreExA
EnumLanguageGroupLocalesA
GetCPInfoExA
CreateBoundaryDescriptorA
GetLastError
GetProcessGroupAffinity
ReadDirectoryChangesExW
AppPolicyGetProcessTerminationMethod

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE