NEAS[.]160ab3c040b9df29515e7077d017cfe0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.160ab3c040b9df29515e7077d017cfe0.exe
Size

66KB
MD5

160ab3c040b9df29515e7077d017cfe0
SHA1

dd5f8723beaeda80a29fadff19f019b5ed4a1aad
SHA256

8bfd52463b16e79a6cabff915d49e05236ccdf770d4acb7a6ece7b17f3f79a36
SHA512

ddc4a1f9da51ed0a7d366246f5e026abde10402c033b4797f5f5d7caf7ac137e1f75f05f5df9bc200961258ac1f2b83182eb3d563aba20f6b5a2a911d4d7e747
SSDEEP

1536:g+z5afy3EYQQCLrVjxERvRG/SPIUnHLoVLzOEQsLPx:9z5afy0hQCNxERk/CIgHLoOiPx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.160ab3c040b9df29515e7077d017cfe0.exe

Files

NEAS.160ab3c040b9df29515e7077d017cfe0.exe
.exe windows:4 windows x86

8c961b23947a60d1c692d8f367dd446c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemWow64DirectoryW
DefineDosDeviceW
CreateSemaphoreExW
SetThreadpoolWait
AppPolicyGetThreadInitializationType
SetDefaultDllDirectories
TransmitCommChar
RegRestoreKeyA
ConvertThreadToFiberEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE