NEAS[.]48aeae72b49868d85671ba340ed1d2e0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.48aeae72b49868d85671ba340ed1d2e0.exe
Size

66KB
MD5

48aeae72b49868d85671ba340ed1d2e0
SHA1

63c322e0e10a7f093eb4e293a491ed4a0fa1b257
SHA256

a5001ec953eb2152c7f49d5beb8f860ae4dabbead2a29baae2c2cc39fa28aabc
SHA512

e817ecbf50895327166e633c60344527b96703bff4f02cdc5c129e1419f95f13c0af5776aba9968e82e8e4ac0d026b631f1696c1d49e1de63e92078425e105e1
SSDEEP

1536:4r1B0AoZkusawb4RTgI27cchvm3/Hlayr3UJFzT/y2/NMs6WqB6:Q61RFcgP/7iFzeGus6Wqo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.48aeae72b49868d85671ba340ed1d2e0.exe

Files

NEAS.48aeae72b49868d85671ba340ed1d2e0.exe
.exe windows:4 windows x86

45f2a07708714a2b0deb452845b46107

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryType
GetConsoleInputExeNameA
CheckForReadOnlyResourceFilter
WerSetFlagsWorker
IsThreadAFiber
SetSystemTimeAdjustment
GetSystemDefaultLocaleName
BasepIsProcessAllowed
BaseFormatTimeOut
SetThreadGroupAffinity

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE