NEAS[.]3338a4cc7b46541c411010df89491fa0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3338a4cc7b46541c411010df89491fa0.exe
Size

64KB
MD5

3338a4cc7b46541c411010df89491fa0
SHA1

ee9b66d956aedbc2d699f7556e84c74e852ec063
SHA256

e678fbe5ad689de1ef760c7dcd5d71b8ffb186d1250b1e51098d29cd12141338
SHA512

493d6107ad6a9a8b2c3c6987590eb94f38b7f7ead60cf21233887472476f633b30ac5fc7c47ec3f209ba13cc54bcbb255db116e5537549707d37adb0a5e579b1
SSDEEP

768:UgnNIvOm65gNajzTkIMKJca3tqI8uqbT6DaZ2IsGmlmyacZUNPNJbhLuf6f8U1CQ:Wx65g4zTkcL3tqIdgx2IsG6SJbeCWB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3338a4cc7b46541c411010df89491fa0.exe

Files

NEAS.3338a4cc7b46541c411010df89491fa0.exe
.exe windows:4 windows x86

c114d13fbf87c4b4b7052f017dcbe7fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetCurrentThread
FlushInstructionCache
VirtualProtectEx
ExitProcess

ntdll

NtReadFile

user32

DestroyCaret
GetActiveWindow
GetWindowLongW

Sections

.ntext
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ksuyhq
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bogwhq
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ