NEAS[.]68b21c5b3dda286524b65157bffaf060[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.68b21c5b3dda286524b65157bffaf060.exe
Size

66KB
MD5

68b21c5b3dda286524b65157bffaf060
SHA1

2d39244f743010d6779d6c6268c5881352c18541
SHA256

dcaca41a54d8913dfba0984e56a4afc47a44170531e017da4288711ae36034d8
SHA512

4fceaafb4e1801316753d5659de91ecebb8d8a2b426569f3f957b3b767fc22cef164dd42bb1964ebe73531a40d1039817a0d9ca1c6bb0f28e8deadd8561229ea
SSDEEP

768:72BLgBb9jSsPdErYJKo6Woiw2n8OhVrMPQb4CqTvPCx0tqLWMjo18xM7m9avfbzc:76MHC3/3k7rM+4CqY3d9aLeC8HzKWVBt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.68b21c5b3dda286524b65157bffaf060.exe

Files

NEAS.68b21c5b3dda286524b65157bffaf060.exe
.exe windows:4 windows x86

d62dcbac527b9e893e492433322cdc55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileNameW
CreateThreadpoolWait
SetVDMCurrentDirectories
CloseThreadpoolCleanupGroup
ReadFileScatter
BaseInitAppcompatCacheSupport
GetConsoleOutputCP
VerSetConditionMask
GetFileAttributesW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE