NEAS[.]611b90b706397e403fdd1455e4aa5e60[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.611b90b706397e403fdd1455e4aa5e60.exe
Size

2KB
MD5

611b90b706397e403fdd1455e4aa5e60
SHA1

7d553d4fc8b07066afdbe91079913a5964d3e34b
SHA256

0391eb2488cf83b7ac3ff7bc714042ed60f9fcf101d596f962fbcf08d1ed6864
SHA512

bc6ac2ed3a14bc05d1341b75a0f20583e1a1ba7f061929a8d2651da86ae9448bef4a779092f1f656320799f0265387c0b90c051b15e823ef720d6cb4706159b4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.611b90b706397e403fdd1455e4aa5e60.exe

Files

NEAS.611b90b706397e403fdd1455e4aa5e60.exe
.dll windows:4 windows x86

4548755c892977d14657f32cf4a51525

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

exit

kernel32

CloseHandle
ReadFile
VirtualAlloc
CreateFileA
GetFileSize

shlwapi

SHDeleteKeyA

Exports

Exports

a

Sections

.text
Size: 512B - Virtual size: 218B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 482B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ