NEAS[.]fdf2d8c510204df7b2648eeb307ecf20[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.fdf2d8c510204df7b2648eeb307ecf20.exe
Size

66KB
MD5

fdf2d8c510204df7b2648eeb307ecf20
SHA1

ca8be20a12a3cd5505d832945fc9cdee91274752
SHA256

65953d20486f1414c6b980728754bb9b22579c2b003cecbade031f0def59009f
SHA512

88236c85bcb59cb1938e7144a5e807d519d952af1339a1b9cc325b97f0ba59359c18015e475f60005bb97eb7e1a3537a5702d72a8bde9f4ae3ea3ab9f79f088c
SSDEEP

1536:oGJIZxeE0stIGDAw9RvQSoYErsEWP0fek/ljAVJ:HIZxRtPbRvQSDEWPo/ljAf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.fdf2d8c510204df7b2648eeb307ecf20.exe

Files

NEAS.fdf2d8c510204df7b2648eeb307ecf20.exe
.exe windows:4 windows x86

0d5cc9cd9fc60cdce18afcc2db6c960e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
SystemTimeToFileTime
GetConsoleOriginalTitleA
LZInit
K32GetProcessImageFileNameW
GetCPInfoExA
OpenJobObjectA
SystemTimeToTzSpecificLocalTime
SetSearchPathMode
GetStdHandle
SearchPathA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE