Static task: static1
Behavioral task: behavioral1
Sample: NEAS.327d8372b359fe8f337bb82695230bc0.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: NEAS.327d8372b359fe8f337bb82695230bc0.exe
Resource: win10v2004-20230915-en
General
Target: NEAS.327d8372b359fe8f337bb82695230bc0.exe
Size: 105KB
MD5: 327d8372b359fe8f337bb82695230bc0
SHA1: a3353a705efad5b723d6caac69142086aed401e9
SHA256: 1f111c4c5907450bee4e4eefe40f635916ac07f1d31f7e9fe561a78de853f0d8
SHA512: 258f2313e488f17d4f8a75b83df513890f5a6dfc30a8c094669154eca726b732890658904314dfc8534fac738d35362398a9d559eb6177b973c7fa845a25e299
SSDEEP: 1536:1yrhZp8k80A5jDp4PoAaPg7e50Qee6upxSvK5RojQinEtcFDN3F4rO0/:1y/p8Bn5PiQhPz0QeCPSC5R+N14rO0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.327d8372b359fe8f337bb82695230bc0.exe
Files
NEAS.327d8372b359fe8f337bb82695230bc0.exe.exe windows:4 windows x86
16a7ff053b739afba9ef0a11191a21c5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RemoveDirectoryA
GetSystemTime
lstrlenA
GetWindowsDirectoryA
lstrcmpiA
GetModuleHandleA
lstrlenW
GetCommandLineA
lstrcmpiW
QueryPerformanceCounter
GlobalFindAtomA
lstrcmpA
DeleteFileA
CopyFileA
VirtualAlloc
VirtualFree
RemoveDirectoryW
FindClose
gdi32
CreateFontIndirectA
SetStretchBltMode
SetTextAlign
CreatePalette
GetTextMetricsA
DeleteObject
GetDeviceCaps
SaveDC
DeleteDC
CreateSolidBrush
LineTo
SetMapMode
SelectPalette
GetObjectA
RestoreDC
GetStockObject
CreateCompatibleDC
RectVisible
GetPixel
user32
CharNextA
GetParent
GetDC
GetDesktopWindow
TranslateMessage
GetSystemMetrics
glu32
gluNurbsCallback
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ