NEAS[.]3522b56a4858af91a7889fe17140e5a0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3522b56a4858af91a7889fe17140e5a0.exe
Size

256KB
MD5

3522b56a4858af91a7889fe17140e5a0
SHA1

9cf9938b2d7b5388957ff829a353f5da68dbd5f9
SHA256

25634240e0e9f3630b5df5add67f6c23a8934788d717e7b49dfd7b957a125d1e
SHA512

93ee6857ee2845afd0dea61b33d65ad4ebfd4e8a19c20d33dc4b25d31d1837096d9a1dc85d6af7533ffd99a26911c796cee0bc0df5f83178c362711922f8ca11
SSDEEP

6144:rkA+M1+MyNk6/wguJpVopIM/eiG3cE9bAxsfW7p:rIMM7IjJ7oaz33O6eV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3522b56a4858af91a7889fe17140e5a0.exe

Files

NEAS.3522b56a4858af91a7889fe17140e5a0.exe
.exe windows:4 windows x86

6d8a093c698495786801b3643b6b96eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeA
FindNextFileW
SetProcessPriorityBoost
SetTapePosition
GetLogicalDriveStringsW
VirtualProtectEx
GetComputerNameExA
GetProcessTimes
GetFileSizeEx
GetNlsSectionName
GetTimeZoneInformation

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE