NEAS[.]fa4b8d4b6897b9cc447d35b32250c560[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.fa4b8d4b6897b9cc447d35b32250c560.exe
Size

19KB
MD5

fa4b8d4b6897b9cc447d35b32250c560
SHA1

849daae485bfb7095c88a9222b65e110aac959fd
SHA256

243915dd629df5e41cd4447341c5a53868a0e527c523d7da5c6457d8e1d0a087
SHA512

f1896dc810f1668d1aee13f6687f4716506022cf0a1e32356d3f6755517fca76a9b70cc61ccea59b73348bad4c8d8aa91ca61814657cd793e9cf824ffa8f375e
SSDEEP

384:/7QrNaRq3XT7FvitaCKKKKtd8jXKVhz6o:/wNa07kUCKKKKtWAhz6o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.fa4b8d4b6897b9cc447d35b32250c560.exe

Files

NEAS.fa4b8d4b6897b9cc447d35b32250c560.exe
.exe windows:4 windows x86

317a84531ac8c9a7e6870cb0cb85d578

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
HeapCreate
GetVersion
GetProfileIntA
InterlockedExchange
GlobalUnlock
SuspendThread
GetConsoleCP
GetStdHandle
CloseHandle
WaitForMultipleObjects
GetModuleHandleA
GetTickCount
VirtualProtect
LoadLibraryExA
HeapReAlloc
CompareFileTime
GetCommandLineA
lstrlenA
WaitForSingleObject
GetSystemDefaultLangID

user32

PaintDesktop
CopyRect
DialogBoxParamA
MessageBoxA
GetKeyState
CreateCaret
GetDlgItem
TranslateMessage
InsertMenuA
EqualRect
SetPropA
ShowWindow
PostMessageA
GetWindowTextA
GetMenuStringA
CreateCursor
SubtractRect
UpdateWindow
GetKeyboardLayout
DestroyMenu
DispatchMessageA
EnableScrollBar
SetWindowPos
ModifyMenuA
FindWindowA

atl

AtlModuleInit
AtlGetVersion
AtlUnadvise
AtlSetErrorInfo
AtlAdvise

dnsapi

DnsStatusString

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ