NEAS[.]310969766486b3aa28661658a6e63ff0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.310969766486b3aa28661658a6e63ff0.exe
Size

91KB
MD5

310969766486b3aa28661658a6e63ff0
SHA1

73edafd2cfba4b74accf4d8a0f383c2e7c1dd288
SHA256

254e6c656b3c58cda26cc81c1363969c96a9f19b285e0ebc150b2354c8a8c144
SHA512

ea93f1f6462858b25a7f0faa49204deb23e20809895c521c832aaf0e3b906c21d5c44f992d18e676240f7573895df16aef52950ce5d8c5204ca8a3f8d6545280
SSDEEP

1536:trdlSmoVfo2liyoqf4HJb5eX/K14xTBjlaR0c8YaEJwZK4/83ZoMOA1dXtxM:tDSm4wEiPqgH55eXy1ihgR0hZEXtpx1m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.310969766486b3aa28661658a6e63ff0.exe

Files

NEAS.310969766486b3aa28661658a6e63ff0.exe
.exe windows:4 windows x86

a3ba99755f98827f784bf0deb0c28a86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryMemoryResourceNotification
GetDiskFreeSpaceA
GetConsoleDisplayMode
ConvertDefaultLocale
GetConsoleFontInfo
AreFileApisANSI
ReadDirectoryChangesW
FreeUserPhysicalPages
IsBadHugeReadPtr
GetQueuedCompletionStatus

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krdata
Size: 35KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE