NEAS[.]61f4b1c1c54bf60eebde2a5715410ea0[.]exe | Triage

Sharing

General

Target

NEAS.61f4b1c1c54bf60eebde2a5715410ea0.exe
Size

5KB
MD5

61f4b1c1c54bf60eebde2a5715410ea0
SHA1

d36d998e3c87ea161e9f8df7fd2d75760cdee4e4
SHA256

1cd4de4cb2ec10fa9ceb6993a97f10d24f9752e9ca03c0e664de5525537fc732
SHA512

39bae9ba3532677c1dba36658fd06222f23a351b4f00e7747a3f468fcf7f1c9cd8f59d6635267fdd0bd0613b6f7dfa996473a5fc1486b6de4810640c1454484f
SSDEEP

96:VtHeXzYd5Lnq/3CMK1j/OHdcTrs73S2Swori:neXI57qqNj/OH7C9wor

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.61f4b1c1c54bf60eebde2a5715410ea0.exe

Files

NEAS.61f4b1c1c54bf60eebde2a5715410ea0.exe
.exe windows:4 windows x64

d2952b7496ad58eb87cbdfcd0307af87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetSystemTime
Sleep
ExpandEnvironmentStringsA

msvcrt

memmove
printf
system
_vsnprintf
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

urlmon

URLDownloadToFileA

snmpapi

SnmpUtilOctetsFree
SnmpUtilOidAppend
SnmpUtilVarBindCpy
SnmpUtilOidFree
SnmpUtilPrintAsnAny
SnmpUtilMemReAlloc
SnmpUtilOidNCmp
SnmpUtilOidToA
SnmpUtilIdsToA
SnmpUtilOctetsNCmp

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ