NEAS[.]5a34529cf2f4ef1a9eec8975e9704480[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5a34529cf2f4ef1a9eec8975e9704480.exe
Size

144KB
MD5

5a34529cf2f4ef1a9eec8975e9704480
SHA1

79ac8d915c05557eb64f8dce8d4bbbea0f1181e0
SHA256

1c69df6f1dad50e55f19d851d2d9e8fe02b40568480b58575bbbbe45c5f29ef5
SHA512

c9da9b0a9e07be1c281df5fd2ed804df8aba5dafb76ab467e45a55bca725ff402a85c4343af930b19b90bce64af8f0a0ac7db7970a7e20d59fb4b679f15d31bd
SSDEEP

3072:JhFl33mvE+N5hHs2qmRlixXaKa0qMW2pVol3IFEyKwLR:JhF5w95p/wguJpVopIh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.5a34529cf2f4ef1a9eec8975e9704480.exe

Files

NEAS.5a34529cf2f4ef1a9eec8975e9704480.exe
.exe windows:4 windows x86

ec047170dc6d0e95da8f9e8b965384c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FatalExit
GetLinguistLangSize
SetVolumeMountPointW
RequestDeviceWakeup
GetPriorityClass
ReleaseSemaphore
IsProcessInJob
VerLanguageNameA
GlobalAddAtomW
lstrcatA
SetCurrentDirectoryA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE