NEAS[.]379f600acf1dbf6da368947ceb296c90[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.379f600acf1dbf6da368947ceb296c90.exe
Size

66KB
MD5

379f600acf1dbf6da368947ceb296c90
SHA1

c9305a16c5e9bfad7f5c60defe91095ef2b52611
SHA256

8a841e7c79c56dfcf6e36d828202748736b6898939e2d3fb380017d45ea6e857
SHA512

1e91dd6772de2ae543808e28d14ad18684d16b5b721861edf9a34fd8772db687430f9fa25bf0a1c968eb62b751fe046c6b669d8c6f7e8403f7c8cc7d35877dad
SSDEEP

1536:YGZtiHJF0aVdm2eKQLTH2em2edK7Rk6Dg8lcsxjFrybKQHOpbrvbsU45F:ffiHJFpwnTG2yGDg8JjFr8YrG5F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.379f600acf1dbf6da368947ceb296c90.exe

Files

NEAS.379f600acf1dbf6da368947ceb296c90.exe
.exe windows:4 windows x86

0773e32f15c33f4a1a3e4a4c73f583b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
IsValidLanguageGroup
GetSystemDefaultLCID
SetCachedSigningLevel
SetStdHandleEx
DisassociateCurrentThreadFromCallback
lstrcmpW
GetConsoleScreenBufferInfo
GetConsoleFontSize
SetThreadpoolWait

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE