NEAS[.]1d7971bda29024080bfde57b35f9c700[.]exe | Triage

Sharing

General

Target

NEAS.1d7971bda29024080bfde57b35f9c700.exe
Size

66KB
MD5

1d7971bda29024080bfde57b35f9c700
SHA1

43600fc0c53e88aa9177a169d11c0c6b8ec46de0
SHA256

845e0cc364bd761bb14ce86042daaa50a68d3777e7a174f0decc2e5583725950
SHA512

1e6dd82c3f1c7e67783c8ed96066798c20272b8ad858b9e407d27bd8716cc52bee3b7198dafb782709bdb0232845fba5ff176fab20a5deb367b405fdd1d49f52
SSDEEP

1536:kSa9AmbPeCnOnspRru+mUbVW/N4vxvbOhn4uvZjB:k5TeCnGspRrus+sxXuBjB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1d7971bda29024080bfde57b35f9c700.exe

Files

NEAS.1d7971bda29024080bfde57b35f9c700.exe
.exe windows:4 windows x86

669deeb48d1fc962fa0f4649532ee736

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitOnceComplete
GetPriorityClass
AddAtomW
OpenProcessToken
HeapAlloc
ScrollConsoleScreenBufferA
GetEnabledXStateFeatures
CreateFiberEx
SetHandleCount
PurgeComm
K32EnumProcessModulesEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE