NEAS[.]b47906113f04af6a46f081697c028030[.]exe | Triage

Sharing

General

Target

NEAS.b47906113f04af6a46f081697c028030.exe
Size

66KB
MD5

b47906113f04af6a46f081697c028030
SHA1

6f2021b62bc2c6b52a7047e761816065674a4c34
SHA256

ee8e63a6a2d2ef3dd81348b44d28a949d3ff68168391edde9a27d24868b56888
SHA512

f8df2c082f256aacd67b0f01a834f7c42c9341546d604443cce347717bd587860538b26578a2fd20d9c409418b723b11e10898fa5b826d362b4e7c753721b095
SSDEEP

1536:0GvIc4Z1YZhFOLvNKaiIZodun7XXlVz9bn4l9I5dTMTanXSH0:7I7nvrvZocnblP+I/wTanXSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b47906113f04af6a46f081697c028030.exe

Files

NEAS.b47906113f04af6a46f081697c028030.exe
.exe windows:4 windows x86

ef9a1685f5e98637ee07d5c4526ff9c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumTimeFormatsA
EnumSystemFirmwareTables
GetDriveTypeW
SetConsoleWindowInfo
BasepAppContainerEnvironmentExtension
GetStagedPackagePathByFullName
GetNamedPipeInfo
CreateMutexExA
BackupSeek
_lopen

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE