NEAS[.]c9b817988c4852f8a5211b493fd70aa0[.]exe

General

Target

NEAS.c9b817988c4852f8a5211b493fd70aa0.exe
Size

160KB
MD5

c9b817988c4852f8a5211b493fd70aa0
SHA1

8d054b35cc677a85cd005fd48b20e5a1c0454ebb
SHA256

eda75309da7b84eee763522efd12e195dc21d94a268afd892e8a8602af10a73b
SHA512

8375603abf35021460b3fdba5dd26ce9df5ecbae0a43a8461a0a3ae4fd85489fa4164d4213e5ab6753d66cdbdfd761a1421e215d212800c08c122b4f6fe324b0
SSDEEP

3072:bxFssQ12KvtaFM8K6eFjUOZNAtNwuguQu:rm4K/j1jAtNwuguQu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c9b817988c4852f8a5211b493fd70aa0.exe

Files

NEAS.c9b817988c4852f8a5211b493fd70aa0.exe
.exe windows:4 windows x86

9ae3d0efb64449e31a1a831da4599184

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree

cc32160mt

@_InitTermAndUnexPtrs$qv
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
__argc
__argv
__argv_default_expand
__exitargv
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__matherr
__matherrl
__setargv
__startup
__wargv_default_expand
_fclose
_fgetc
_fopen
_fprintf
_fputc
_getch
_memcpy
_printf
_remove

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook
__stkchk

Sections

.text
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ae3d0efb64449e31a1a831da4599184

Headers

File Characteristics

Imports

kernel32

cc32160mt

Exports

Exports

Sections

.text Size: 126KB - Virtual size: 128KB

.data Size: 2KB - Virtual size: 1.1MB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 27KB - Virtual size: 28KB

.text
Size: 126KB - Virtual size: 128KB

.data
Size: 2KB - Virtual size: 1.1MB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 27KB - Virtual size: 28KB