NEAS[.]ee7d1d63e582820771c57bfe16e26f90[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.ee7d1d63e582820771c57bfe16e26f90.exe
Size

66KB
MD5

ee7d1d63e582820771c57bfe16e26f90
SHA1

0f6a8d00b1dad3c249b2374ed957829769ce5c56
SHA256

f5a41c0b7435860d658d2eb9236c925c8daeeaba63ec61cff03423178541e687
SHA512

ed603cd402489593d50093a6ebe6ca044a1ef7654c1c0f50ffc68541b1367e362542162e8566fba44809636507c8483be9209c023b39532816a4c5024148bd08
SSDEEP

1536:1TJk10ydqatXH0ePIO7yg+m+o+5AY7xg9/UdQ+BqWa:RJgiePf+zm+o+5fhql

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ee7d1d63e582820771c57bfe16e26f90.exe

Files

NEAS.ee7d1d63e582820771c57bfe16e26f90.exe
.exe windows:4 windows x86

59beeaf54854913d3c375e55fb31d270

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
NlsEventDataDescCreate
GetConsoleKeyboardLayoutNameW
SetThreadpoolWaitEx
ResumeThread
GetPrivateProfileSectionA
SetDefaultCommConfigW
WaitForThreadpoolTimerCallbacks
SetFirmwareEnvironmentVariableW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE