NEAS[.]91b4782d6307808dc5433896dab632b0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.91b4782d6307808dc5433896dab632b0.exe
Size

66KB
MD5

91b4782d6307808dc5433896dab632b0
SHA1

c1c30a4abddfdfcea2990e97abdab4408dd73c6f
SHA256

e67f66274f73ce58709ebfafbd697ed7ec2658dbe40777d6716d948bd3e5888f
SHA512

2f2479d1da1b73b7b141e2d316f0cacb4146fedc77780d153fa6ee3d6c0847bc2fe704323a75583143bd41af942c3ae72ed327339f701043cfc002863e33d8b1
SSDEEP

1536:d0HgZ/7Gc1L/drz9MesZSmTITpQyFSlyJNlFvO3c:d0HgZ/L1LdzqSyI9QyFSlyLldGc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.91b4782d6307808dc5433896dab632b0.exe

Files

NEAS.91b4782d6307808dc5433896dab632b0.exe
.exe windows:4 windows x86

029a8e15c9c00afb300acb7d85c7b300

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDefaultCommConfigA
GetLargestConsoleWindowSize
ApplicationRecoveryInProgress
SetHandleCount
FillConsoleOutputCharacterA
CreateFileMappingNumaA
WerGetFlagsWorker
GetLongPathNameTransactedA
TzSpecificLocalTimeToSystemTimeEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE