NEAS[.]4f40532d461480eb7f933260a1e93930[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4f40532d461480eb7f933260a1e93930.exe
Size

66KB
MD5

4f40532d461480eb7f933260a1e93930
SHA1

797898f52e532b153346000f0d83a64b0cefa7b0
SHA256

064ebe19c076e195cac29e91dd2c608f352f1a98f75c3bf6331ad3346988c08a
SHA512

0618d21065ef37f7c0612318973f1f9b86cda7270de2935f8c8445369932bc28440da5b5696459c277156f02311a3440c905b6900e00b8b81ea7b86f5d716faf
SSDEEP

1536:5CeXVlZQYS+U1JNN4PLm7JpTKMi2YZzVDwZY1aJ4/E7PYww5NYNFqBZfG:5CSVI5NN4zm70Ns8a6MwnqFqzO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4f40532d461480eb7f933260a1e93930.exe

Files

NEAS.4f40532d461480eb7f933260a1e93930.exe
.exe windows:4 windows x86

83434547045f9aa6e9e30db1f75ce45c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseReadAppCompatDataForProcessWorker
ReadFileEx
CreateEventExA
FindNextFileA
GetNamedPipeClientComputerNameW
RemoveDirectoryW
SetStdHandleEx
IsSystemResumeAutomatic
IsBadReadPtr
GetLongPathNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE