NEAS[.]c35d65723dca520290065d3a5edde130[.]exe | Triage

Sharing

General

Target

NEAS.c35d65723dca520290065d3a5edde130.exe
Size

66KB
MD5

c35d65723dca520290065d3a5edde130
SHA1

80e4192fcf393c2e9b4c98d935329f5aaef2da53
SHA256

33d962393c3aca8e65fa14df8e2a60f83052a84b0d171b52a104718b50aa62db
SHA512

5e1ef3a11b73f555419eb6307ce1341f7acf672dc8c0c38f48d0c09fdb19956f90a7a9593008ca0b34a14a3f1d6bab711eb7bfe734f0b6a456f1b0acc54c8dd2
SSDEEP

1536:+YZnhhIFw3zl3k2SysGwq9beuP82W2GhM+5PM:+snnn1+qkq82whMYM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c35d65723dca520290065d3a5edde130.exe

Files

NEAS.c35d65723dca520290065d3a5edde130.exe
.exe windows:4 windows x86

ca8bb9b12bf9cdc32187c3040b3c3a2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BasepGetAppCompatData
GetCachedSigningLevel
QueryMemoryResourceNotification
MapViewOfFileExNuma
GetConsoleInputExeNameA
EncodeSystemPointer
SetThreadToken
SetEnvironmentVariableA
LZClose
K32GetModuleBaseNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE