NEAS[.]99a99eca1085c8b6d9fcb2a279af73e0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.99a99eca1085c8b6d9fcb2a279af73e0.exe
Size

205KB
MD5

99a99eca1085c8b6d9fcb2a279af73e0
SHA1

0cb59bdc78e98fd604cd892883ad3576a3df8b6d
SHA256

7fac604bef59ca3fbfc9053a2504ca96229c746fc6e8f35a8eb8893ac589b64a
SHA512

84dbc5ca68656d8be63c4eebac7711910b971e5d53896612ba82e1903aa1bb4cf9efe23b02ffdac6a5dece1cb55e46a8134ea15a844f95a8c8df6b7c188adb50
SSDEEP

3072:/QzN/0ElV7V5jHSrg9LgH2PkUbl3mjOrufHxbyqnYUALBWzj7h4+Iq6:Q/n5lVbl3v42+YrLcz3I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.99a99eca1085c8b6d9fcb2a279af73e0.exe

Files

NEAS.99a99eca1085c8b6d9fcb2a279af73e0.exe
.exe windows:16 windows x86

90f46eae530d7422ac976eb7ed57452f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyState
UnhookWindowsHookEx
IsCharLowerW
IsCharUpperA
IsCharAlphaNumericW
VkKeyScanW

kernel32

GetSystemWindowsDirectoryW

gdi32

CreateHatchBrush
CreatePatternBrush
DeleteObject
GetStockObject
CreateSolidBrush
LineDDA

Exports

Exports

?1l64189@@YGXKPAUHBRUSH__@FD0

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sti
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ