NEAS[.]35736c8c197eda37cbb98471fa2663f0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.35736c8c197eda37cbb98471fa2663f0.exe
Size

66KB
MD5

35736c8c197eda37cbb98471fa2663f0
SHA1

a0b5e8fcedd87f5c0d33ed6c09e9fe3fd267d372
SHA256

8482218c0fc98321f62f9fbc28ed698d415a32883ea501f021eec8093649d280
SHA512

2163b2f0b815edcd9356536110b431349bdd6b7e91a7d72af495d78b6be89d397b2b6b8c6c60d7d15477c7885c2a907dd72e8f7ec183c9e1f14d8617888f4f42
SSDEEP

1536:TH9mtPtDzl3VhOOW3th+0JAJE1D0q89FmqKxfnWLUBevBBxoyYBtbN0CmkxJ2zAm:THIjDzlGOatxD0/vEWoBevZ9sNVCz3D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.35736c8c197eda37cbb98471fa2663f0.exe

Files

NEAS.35736c8c197eda37cbb98471fa2663f0.exe
.exe windows:4 windows x86

83d1831d75823fd3920baa83e8560a9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleOutputCP
IsNativeVhdBoot
FindFirstFileExW
FatalAppExitW
GetPackageId
GetConsoleCharType
LCIDToLocaleName
FindNextFileNameW
RegEnumKeyExA
GetACP
GetSystemCpuSetInformation
SystemTimeToFileTime

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE