NEAS[.]4a68e539afba9a9ccdf5c8b766358660[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4a68e539afba9a9ccdf5c8b766358660.exe
Size

29KB
MD5

4a68e539afba9a9ccdf5c8b766358660
SHA1

00ac4f3cd76db6304de534a849ddfa57681426fc
SHA256

07077d07e3bc936eb2398297ccb4f80ebd3a97bd873701918a06109dfc7e4f70
SHA512

cdaef9598450e153440fd194a2c0ed2387dbdd56206410a4da0f2fc59a1e262f79de928c6e636de12ea0ef7a63c4b5ab9eea5c9e49871a2b828c3c5fe216820f
SSDEEP

768:om05k4mjNmntC2ojHXRrs9sINeZEtejlIkoLN127BFVn2p4lAnZ8Oqt+D3D/jd:q+vjNmnVojXRrs9sINeZEtejlIkoLN1T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4a68e539afba9a9ccdf5c8b766358660.exe

Files

NEAS.4a68e539afba9a9ccdf5c8b766358660.exe
.exe windows:1 windows x86

683692d4746aa100a2b6043db7fe5945

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageW
EndDialog
GetDlgItem
DialogBoxIndirectParamW
wsprintfW

kernel32

HeapAlloc
GetProcessHeap
GetModuleHandleA
lstrcpyW
ReadFile
CreateFileW
HeapFree
CloseHandle
GetFileSize

comctl32

ord17

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ