NEAS[.]1f17a6b993167e34979bcf206b0cf6f0[.]exe | Triage

Sharing

General

Target

NEAS.1f17a6b993167e34979bcf206b0cf6f0.exe
Size

236KB
MD5

1f17a6b993167e34979bcf206b0cf6f0
SHA1

26bd5e29a06feaa06604527f7b53296592a71689
SHA256

53fb0785e6e6f7cacd7ce76b0046c8d07b8fd6a6002fb66354ac45c81ad13572
SHA512

de75eeef0c2586c2376a2626cccf10e9b31d4bb8d3832851e634936b5aa22feeb8669bddc54345c38c28317d0444a5e908d37dceb222f2e907db2c10e1166a44
SSDEEP

6144:+JuXtXxog5E+FWPNfrf6yGEssQxNpbM2mQ:i8XNE+FuNfrSyGEssQJ6Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1f17a6b993167e34979bcf206b0cf6f0.exe

Files

NEAS.1f17a6b993167e34979bcf206b0cf6f0.exe
.exe windows:4 windows x86

3e3d633779e35448851e7a9ca7e72522

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

CoInitialize

Sections

.MPRESS1
Size: 170KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE