NEAS[.]2efd21d183e63a9ff732f2762dca4090[.]exe | Triage

Sharing

General

Target

NEAS.2efd21d183e63a9ff732f2762dca4090.exe
Size

147KB
MD5

2efd21d183e63a9ff732f2762dca4090
SHA1

52de78adc4e0c11770a8eafb9909082999e7a9b0
SHA256

154214e38b013a1c74c7ac6dd5ccb140f2993fd6f218ec2e89f65b23255d1ba4
SHA512

7b7a7c9373a6859e333b3b703b08cf91f4fc19c7e31e6b2a43966fe4cbfb7d46743c6030c28b40a6bc22ac59b1116eca7a2e5960a58b0e230fa9d5f0e0626553
SSDEEP

3072:zaO5aHlJgymHcejzthh4ASGiwdt12W9742lFC9txNq/OUe1u9X1:2vlOygbp7iwdX2WstxA/uA9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2efd21d183e63a9ff732f2762dca4090.exe

Files

NEAS.2efd21d183e63a9ff732f2762dca4090.exe
.exe windows:4 windows x86

15c6f6dbba436b91ff94b49576e0a884

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDriveStringsA
GlobalAddAtomW
UnhandledExceptionFilter
EnumSystemLanguageGroupsA
GetLogicalDrives
GetVolumeNameForVolumeMountPointA
CreateMailslotW
LocalAlloc
GetDriveTypeW
GetDriveTypeA
IsValidLocale
IsValidCodePage
RequestDeviceWakeup
QueryPerformanceCounter
GetFileAttributesExA
GetLocalTime
GetPrivateProfileSectionA
GetProcessVersion
SetDefaultCommConfigW
lstrcmpW
DeleteVolumeMountPointW
GetCPInfo
ConnectNamedPipe
Beep
MapViewOfFile
LocalSize
WaitForMultipleObjects
FindVolumeClose
FreeEnvironmentStringsA
OpenEventW
VerifyVersionInfoA
_hwrite
GetLongPathNameW

user32

LoadMenuW
ModifyMenuA
GetGUIThreadInfo

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE