NEAS[.]7f0e684e262f410b8221fe02b2069490[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.7f0e684e262f410b8221fe02b2069490.exe
Size

66KB
MD5

7f0e684e262f410b8221fe02b2069490
SHA1

60539399e8930cc36715a2eb203839fa9db45a8a
SHA256

24ed55ecfe6bb56725c04595b918f7c4ab3f9d2773e58e15f2541f184cf1844c
SHA512

a775ef29c7ffeaefad5d046aba73149ad6ff7cfcef6f48aeb9f99ce3345b10b4fab8c6a08be8d8e4569b2a5d7976cc09d12a391fa68ec5ffd582cb5dfa8e580b
SSDEEP

1536:Yo+5P1fu6wvBSL0JqTpdDUnpCpssc7xGnWltQ/P6e09UDPw5A:Y/RCSLAnpCpfcFwSUPp3DqA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.7f0e684e262f410b8221fe02b2069490.exe

Files

NEAS.7f0e684e262f410b8221fe02b2069490.exe
.exe windows:4 windows x86

18692fb19e85a05e80835d806e627fac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoEx
ApplicationRecoveryInProgress
MoveFileWithProgressA
GetConsoleCommandHistoryLengthW
SetLocalTime
DebugActiveProcess
lstrcpynW
SignalObjectAndWait
WerGetFlags
PowerCreateRequest

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE