NEAS[.]301056691428b8c560ee018c24ec14e0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.301056691428b8c560ee018c24ec14e0.exe
Size

6KB
MD5

301056691428b8c560ee018c24ec14e0
SHA1

09c62e80d82d61da79d0e4a26c44a3da42e18c14
SHA256

1cd5a30e332d968458c3142a71102b8d0b4ab0dd54c3e1d6cee825e246cac4a7
SHA512

ec17a3d2e24354c1f999e942540250ce0bb18f03f01d48caaeb10d0203a3aaf3e21eac4cd7680b8db477a369884df982c7918b680ebf054d9472053eb908f050
SSDEEP

96:UppRIRk8dOAtmNQBM2RS0445xCO8MtU1zg/6bYCtp+4:fRkgOAtmNmMQb4WAMtUhg/6bLk4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.301056691428b8c560ee018c24ec14e0.exe

Files

NEAS.301056691428b8c560ee018c24ec14e0.exe
.exe windows:5 windows x86

7c91267ea5a106863eb01b497da5dcb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetEnvironmentVariableA
FindFirstFileA
GetLastError
lstrcmpiA
GetProcAddress
OpenThread
Process32Next
Thread32Next
GetModuleFileNameA
FindNextFileA
GetModuleHandleA
CreateToolhelp32Snapshot
Module32Next
CloseHandle
GetCurrentProcessId
lstrcpyA
TerminateProcess
Sleep
TerminateThread
GetCurrentProcess
lstrlenA
GetExitCodeThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

advapi32

AdjustTokenPrivileges
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeValueA
RegSetValueExA
OpenProcessToken
RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ