NEAS[.]e76547c46fa7894bdb58e456c9c8a760[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e76547c46fa7894bdb58e456c9c8a760.exe
Size

66KB
MD5

e76547c46fa7894bdb58e456c9c8a760
SHA1

21aec8f5431b9fd77c2e1936892c20d0ca8e6e21
SHA256

bf4bccb51f90e12c5ba26c97c2751ecae75bd572698dfc142e46cd931d8740c1
SHA512

ee90f56a17f47086f8e9fa3a8dd902ec7e57a38a521ea666f4713783343a38303317226bae91e496dd9dcd0fbfd527d75ccbfd71f738b74edf6a9831a6b98940
SSDEEP

1536:1ogBemt7cCqfTMo6JrkNQGoiyP5IgiHN/CCZ1AaIHl9ssg:tMmtACgj6JANQVb5iHN/CCZyhF9sf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e76547c46fa7894bdb58e456c9c8a760.exe

Files

NEAS.e76547c46fa7894bdb58e456c9c8a760.exe
.exe windows:4 windows x86

9b00f56138977e24deb8917cdc45c3b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalLock
CreateDirectoryExW
QueryPerformanceFrequency
SetProcessPreferredUILanguages
FileTimeToLocalFileTime
EnumTimeFormatsA
IsDBCSLeadByte
DebugBreakProcess
WerpNotifyUseStringResourceWorker
GetProcessTimes

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE