NEAS[.]479ba7490e68866c717b4aee2ddfe0c0[.]exe | Triage

Sharing

General

Target

NEAS.479ba7490e68866c717b4aee2ddfe0c0.exe
Size

24KB
MD5

479ba7490e68866c717b4aee2ddfe0c0
SHA1

9f851b99111d8e50066da18902454429436dda4c
SHA256

24290d8cea0f1f6c64303827f07e8e3c2e03cc7b60bbb3ce3cc66c074b6b2b18
SHA512

80b930b967267dde30f9a35471cefef7917bb26a72d2435338e3294ab33bc9dc47637e6bb40f6f3822be5b1c4d4d2b731ff64e3feddf44f991b0c3d51d7299ba
SSDEEP

384:hoIRlQgktqYekvLyqRsjPdPyQMs14kVdjaLacmkC0GJsJxXSdqWoZDEWA:hoMkZDzlswQMs1tjaLacmkLGKddm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.479ba7490e68866c717b4aee2ddfe0c0.exe

Files

NEAS.479ba7490e68866c717b4aee2ddfe0c0.exe
.exe windows:4 windows x86

e3652483bc29904576717521cef35c5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
CloseHandle
CreateFileMappingA
GetFileSize
CreateFileA
UnmapViewOfFile
WinExec
GetTempFileNameA
GetTempPathA
Sleep
GetTickCount
GetSystemDirectoryA
GetProcAddress
OutputDebugStringA
GetPrivateProfileStringA
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
LoadLibraryA
ExitProcess
GetPrivateProfileIntA
WritePrivateProfileStringA
GetVersionExA
FreeLibrary
GetLastError
GetModuleFileNameA
GetWindowsDirectoryA
LCMapStringA
WideCharToMultiByte
GetStringTypeW
RtlUnwind
MultiByteToWideChar
GetStringTypeA
LCMapStringW

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE