NEAS[.]8dd322215f8094bd19a5028cae1fd260[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.8dd322215f8094bd19a5028cae1fd260.exe
Size

72KB
MD5

8dd322215f8094bd19a5028cae1fd260
SHA1

f4257643151f28aa16ecd071adb621bdfee6e20a
SHA256

a05a320a063e29a3c58b8b7de8ebe8d81a4af58aca34c16f9a867a785b38d771
SHA512

f274601fc9bd57285417f4f016584e349d0edfb1e0a7ba0abfb6c6e5e3431b43ec7912255dbe689efce5a6efc11b7f2a22943206c07480b9641e614d4000fa46
SSDEEP

1536:XDwgRxzHIVjcT1da8LuwygZxtNSq+8KHn0Kpf+jhOi:XDwaucT3IwyG7MvtHhmoi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8dd322215f8094bd19a5028cae1fd260.exe

Files

NEAS.8dd322215f8094bd19a5028cae1fd260.exe
.exe windows:4 windows x86

24c232389f26d381d464c9b6bd4714d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawMenuBar
DrawCaption
DestroyMenu
DestroyCaret
CreatePopupMenu
CreateIconFromResourceEx
CreateIcon
CreateDialogIndirectParamA
CreateCursor
CreateAcceleratorTableA
CopyImage
CloseWindow
CharUpperBuffA
CharToOemBuffA
CharToOemA
CharPrevA
ChangeMenuA
ActivateKeyboardLayout

kernel32

CloseHandle
lstrlenA
lstrcmpiA
lstrcmpA
VirtualFree
TlsGetValue
TlsFree
Sleep
ReadFile
OpenFile
InitializeCriticalSection
GetTimeFormatA
GetLastError
GetFileSize
GetCommandLineA
ExitThread
EnumResourceNamesA
EnumResourceLanguagesW
EnumResourceLanguagesA

Sections

.text
Size: 21KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ