NEAS[.]7586e6996ac8344c4cec886741ed8340[.]exe | Triage

Sharing

General

Target

NEAS.7586e6996ac8344c4cec886741ed8340.exe
Size

66KB
MD5

7586e6996ac8344c4cec886741ed8340
SHA1

bc4ca3bc56295292ef0baf7749bf45698a122a98
SHA256

6c22953b900d4679c415ec6f13f2a67e554ddfae170e10ab117df38599d59a34
SHA512

4540ed669e2b63b0b02b17e649bf767dd8a4c17350640cb6458d59b6f49ba5920a81e25ff68d2753f4d5a0255f2ef5a212777fdbdc2d81954eb13e45c944bcb3
SSDEEP

1536:EVe582wEO7kA7joyD29jhQF9S7DNzACuxUqSIuV4cIY6:ye56LkooNjhQF0VzkLtui/Y6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.7586e6996ac8344c4cec886741ed8340.exe

Files

NEAS.7586e6996ac8344c4cec886741ed8340.exe
.exe windows:4 windows x86

6132c6eef210231d0e0320bd4b199888

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadModule
GetCommState
DisconnectNamedPipe
SortGetHandle
GetSystemDirectoryW
TlsAlloc
SetInformationJobObject
GetPrivateProfileSectionW
LoadLibraryW
Toolhelp32ReadProcessMemory
GetActiveProcessorCount

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE