NEAS[.]825478abcc886f90bc7c4c328e8ad860[.]exe | Triage

Sharing

General

Target

NEAS.825478abcc886f90bc7c4c328e8ad860.exe
Size

66KB
MD5

825478abcc886f90bc7c4c328e8ad860
SHA1

be86dc6f6db5ba6d228aecd9a7c9505d8cf37fce
SHA256

9db13ce50c6c46f8c7e406b205e129ac5d67c8ff25b7c8e2fdc2d37d214b62b1
SHA512

04eb843c24cb6e5d8ae320353518be907a825aaaf6b33c1e47af49db8e40b5c5c4c1a6c6538b8205a1dcd319f363c990154c41c8231235aa08000b5e04a706ac
SSDEEP

1536:J77IfhzAKcm13eZtx0Kfln8FgW2u+nD1uT1ZtJLa:J77Ohzlcm136tlfJW2HnxuDLa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.825478abcc886f90bc7c4c328e8ad860.exe

Files

NEAS.825478abcc886f90bc7c4c328e8ad860.exe
.exe windows:4 windows x86

a722dee3d3f70582e48d1ac77259d926

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lwrite
GetDriveTypeW
GetNumberOfConsoleInputEvents
LoadModule
GetCommModemStatus
SetSearchPathMode
RegGetKeySecurity
GetThreadPriorityBoost
GetDateFormatW
WerRegisterExcludedMemoryBlock
OpenMutexW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE