NEAS[.]de76c56e1cda98c4104ae73d223f9150[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.de76c56e1cda98c4104ae73d223f9150.exe
Size

5KB
MD5

de76c56e1cda98c4104ae73d223f9150
SHA1

611271c70eb238ef528f00e2063aabc35a10c1a8
SHA256

c3b2bf49e9076e599a96d56a35b2c5e166a280f5ad14568737ebb7e23e81d3a5
SHA512

bb05b37a5d87ac07937ec263cd433151670a40a09220eae175c581598148fd1911be2cb9998438649a176edb4bead2f71beebcd3309f77cacb3cc71ec0954e79
SSDEEP

48:6p7vtHxWXZR/40l8dGzADzuLhQJrONvTrg76YlGdVXdVV9orwoCzEL:8vtHwXZJ40lP6O2JrO9Trglqor

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.de76c56e1cda98c4104ae73d223f9150.exe

Files

NEAS.de76c56e1cda98c4104ae73d223f9150.exe
.exe windows:4 windows x64

dd217e4960994e1777c9a5ffe313e5a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetSystemTime
Sleep
ExpandEnvironmentStringsA

msvcrt

memmove
printf
system
_vsnprintf
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

urlmon

URLDownloadToFileA

snmpapi

SnmpUtilOctetsCpy
SnmpUtilOctetsFree
SnmpUtilVarBindCpy
SnmpUtilMemFree
SnmpUtilVarBindFree
SnmpUtilIdsToA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ