NEAS[.]603a8a461dd68c346642f8a4ba6db790[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.603a8a461dd68c346642f8a4ba6db790.exe
Size

66KB
MD5

603a8a461dd68c346642f8a4ba6db790
SHA1

3c85359d3aa515017888055c2ff8ec5b62d1f941
SHA256

f56158d663ab63e814eb6033ac71811f2c6c450a1d42a0761b97cc793ee77e12
SHA512

daec6ae557dae4c2cb6a8f93525401ee1edbd900d0e69feedc8d49c91da353bb5b4a9cf7d515786dc97dfd59f52204115c5c129b3c5653c660bc5bfd2411512b
SSDEEP

1536:f+npD+3W5Gpd2d932NJfqajmsSddl07vV+qY4oEpNC1EYljMaOazSVXutubUj:mO2hsSd0vYQpNC1Ea7SEOUj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.603a8a461dd68c346642f8a4ba6db790.exe

Files

NEAS.603a8a461dd68c346642f8a4ba6db790.exe
.exe windows:4 windows x86

54410133dd1d1c335028d901ab6b5a9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByteEx
GetVolumeInformationW
CopyFileTransactedA
CreateMutexExW
GetDiskFreeSpaceW
CreateMailslotW
UnregisterConsoleIME
SetEndOfFile
PeekConsoleInputW
DeactivateActCtx
FreeMemoryJobObject

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE