NEAS[.]b03f2e860dc2b32b85a19d59208876f0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b03f2e860dc2b32b85a19d59208876f0.exe
Size

5KB
MD5

b03f2e860dc2b32b85a19d59208876f0
SHA1

ac4013adad3ffc2b0c846a02daf011c7a22fad99
SHA256

9e594089e40bac82e6ce3bf69f6e60a49206545e7138577874f2e1ea8324636e
SHA512

fd2016e2cc0e0d08fe4e173ed6836bebdf0cf0df6e4530c87e5437fb5a13bfb5d5d6204a593a07b11d4286b80dc733429852df99dc691b6d00edfbfd510d0ec9
SSDEEP

48:6/sCtHJWXxZcL2wgqYP8gp2LkzuWQRp2ONnWTrg793Y0AR3Rn9orw2HH:M9tHYXxqLfgqYECqRoOBWTryR4B9or

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b03f2e860dc2b32b85a19d59208876f0.exe

Files

NEAS.b03f2e860dc2b32b85a19d59208876f0.exe
.exe windows:4 windows x64

23ca1582529e12888e6c0216c4d3debb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetSystemTime
Sleep
ExpandEnvironmentStringsA

msvcrt

memmove
printf
system
_vsnprintf
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

urlmon

URLDownloadToFileA

snmpapi

SnmpUtilOctetsFree
SnmpUtilOidCpy
SnmpUtilVarBindCpy
SnmpUtilOidFree
SnmpUtilPrintAsnAny
SnmpUtilMemFree
SnmpSvcGetUptime

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ