NEAS[.]4dc3a23da2e421e33b0104513e8e9630[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4dc3a23da2e421e33b0104513e8e9630.exe
Size

66KB
MD5

4dc3a23da2e421e33b0104513e8e9630
SHA1

3cd653a1e8c82da9c67338d07eaaf3b4dde3a4d2
SHA256

d06598d6e9afbb5a236afa0aa8f331e6449ab70ea63acdf6377cd444818c613e
SHA512

5a1fb9790bc003b9882f75f15aeea7386594074247ab568547141b949164d9eee6df810a68cb32cfff963cb4e146a2533adeaad5f663be68349dbe7d7c016eb8
SSDEEP

1536:kTPF95FN8mDED/34Z16NXWgU16cEM1TddZHZRNOHOOIztPX:kRTNE4Z4NLc6cdNfZHZRNObS1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4dc3a23da2e421e33b0104513e8e9630.exe

Files

NEAS.4dc3a23da2e421e33b0104513e8e9630.exe
.exe windows:4 windows x86

fee54b7fa7d313d76b4f7a0cc6f4cef3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RegQueryValueExA
GetSystemWow64DirectoryA
EnumUILanguagesA
IsBadHugeReadPtr
GetCalendarSupportedDateRange
GetCalendarDateFormatEx
ReadConsoleInputW
Module32Next
GetFileSize
DebugActiveProcess

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE