NEAS[.]f355b8804e2c752141214a699ce3d7d0[.]exe | Triage

Sharing

General

Target

NEAS.f355b8804e2c752141214a699ce3d7d0.exe
Size

292KB
MD5

f355b8804e2c752141214a699ce3d7d0
SHA1

f334873a707cbc28c528ea9fd3ce3f8f854f3b70
SHA256

f5da49b0f4ea1e758452a8a528772f481dcd38d242ef4cfdef5c4c0719daecc5
SHA512

f372fb640242db7c4f096feae3b507aeabf7c6e920122dcc347bda5cc5804fc6551a61c8d3118e3447ad0966f5e91b3ae7920eff6c48f29675188695e95467b8
SSDEEP

6144:GzLxdgY9ODU7xr5Kd2IdJi0QFk5PIOpby/Z:S1xmUlrKdgdk5wEby/Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f355b8804e2c752141214a699ce3d7d0.exe

Files

NEAS.f355b8804e2c752141214a699ce3d7d0.exe
.exe windows:4 windows x86

9ffc59d97fa7bc95242d6970ebf528e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
CreateFileA
VirtualAlloc
GetOEMCP
GetCurrentProcess

user32

LoadCursorW
LoadCursorA

msvcrt

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_acmdln
__set_app_type
_controlfp
_except_handler3
exit
_XcptFilter
_cexit
_exit
__p__fmode
_c_exit

advapi32

RegOpenKeyA
RegQueryValueExA

Sections

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata51
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ggg22
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ