NEAS[.]a199088b0011f43054232dd46500ad50[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a199088b0011f43054232dd46500ad50.exe
Size

1.2MB
MD5

a199088b0011f43054232dd46500ad50
SHA1

ff5d8e7ea52cb996216b2f646d47f7d1ea6fca17
SHA256

f104cad231753680e00a8b9142ffd8ef543afd7dbed62b7b6b6ae77bb8ee091e
SHA512

30f2b2dbc34423157f7dc59839891d31860025ea860c218bc89a7b151fbe4fd5e8ba10886264472e93f38e7f3a0e83175e726eb001ed70e60e3f4f17431aab45
SSDEEP

24576:IjiMkuEozwNTELveN5ICo6XlxB3LKzvNuTVPcmPA4GNqY3n:IjikEoKADeNVvlzouZcmPhzkn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a199088b0011f43054232dd46500ad50.exe

Files

NEAS.a199088b0011f43054232dd46500ad50.exe
.exe windows:4 windows x86

589d48ed984f9485ea294725b3e3f1f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

MessageBoxA

advapi32

RegFlushKey

oleaut32

SafeArrayCreate

Sections

.MPRESS1
Size: 282KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE