NEAS[.]dd4af38d4b00ac3e11b1af83ed989fa0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.dd4af38d4b00ac3e11b1af83ed989fa0.exe
Size

66KB
MD5

dd4af38d4b00ac3e11b1af83ed989fa0
SHA1

442403a12b171dc120e779d04edf2d858f303476
SHA256

83aa0a1cc16fd7cb86b0d998bcb19cb9bb94d49e9fb9b2a8dcd155882a2621ca
SHA512

0462b96cd7a6fa3fdffa4e4121ce33e93ca53ec4cad403d545fd1b8b946246c8c2c22331a9a3e899412765d61f0304a299d3c5a2fb3b4411d641237cc9dfa9a1
SSDEEP

1536:hHfDDx8dV0dblJ9Brxt2khZm4aNdI0WylvGrMma2/1:h/32d0bP9BqeE4aAMmr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.dd4af38d4b00ac3e11b1af83ed989fa0.exe

Files

NEAS.dd4af38d4b00ac3e11b1af83ed989fa0.exe
.exe windows:4 windows x86

451cc455d1e43a44b3db64da69b2e433

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
SetLocalPrimaryComputerNameA
RtlFillMemory
SetSearchPathMode
GetDriveTypeW
SetThreadpoolTimerEx
CreateSemaphoreA
GetConsoleAliasesA
FoldStringW
NormalizeString
SetTapePosition

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE