NEAS[.]181de937da48ed3533cd58b2b4fe4a30[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.181de937da48ed3533cd58b2b4fe4a30.exe
Size

66KB
MD5

181de937da48ed3533cd58b2b4fe4a30
SHA1

73625390c78f3a63c5bdacef9c7b0744a1f7a384
SHA256

1a1e66d08906d2a475c8115e9122d18aa442508e612a35ba969f69132f6029af
SHA512

8caf42e0c0a3e268277101ed9e0480b62088306b5170a1cb62b0e0c47bed03fd5aaae5241d91c159c400f5c4bdd64e69df88a1ad25558aeda1ed730c58a842be
SSDEEP

1536:h3Hr60zBIfX3OiD3DyqZWjz22X+vvKEzvhNRG6qbF2a:h3L60tIfH5ZWH/nEzRAF2a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.181de937da48ed3533cd58b2b4fe4a30.exe

Files

NEAS.181de937da48ed3533cd58b2b4fe4a30.exe
.exe windows:4 windows x86

f29255f06b9ba128a26ba8f630cbc436

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
IsBadReadPtr
SetCommConfig
EnumUILanguagesA
DebugActiveProcess
GetFullPathNameW
SetHandleCount
OpenThread
SetConsoleOutputCP
FindNextVolumeMountPointA
GetCommandLineW
GetDllDirectoryA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE