NEAS[.]ad894552c718b998272edf231d0b4750[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.ad894552c718b998272edf231d0b4750.exe
Size

66KB
MD5

ad894552c718b998272edf231d0b4750
SHA1

50aa73640c10ec565542afc468748ef7ea9c1c9d
SHA256

e52c22149a0f0644f7ddac5d15b173f7dfee24f0e01f700a30500a92805efa73
SHA512

0d901be3a88d9b191f26a47ca60e4f89c62f8aa8f5b2fa37474d9c97cb918f085aeff0728e90aafae6750d31091213958473c1e8077281129ac980522402103a
SSDEEP

1536:18Wh5azi3cjKlA4wh+swF+JiTFS2ZEsxadFZ6:1X2+2Kl/wh+9TF8sMg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ad894552c718b998272edf231d0b4750.exe

Files

NEAS.ad894552c718b998272edf231d0b4750.exe
.exe windows:4 windows x86

202dee6bafae8a56c041a3f21fd0a967

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFirmwareEnvironmentVariableExW
AddRefActCtxWorker
Process32FirstW
BaseSetLastNTError
SetUserGeoID
GlobalWire
EnumerateLocalComputerNamesA
GlobalReAlloc
GetUserGeoID
CheckForReadOnlyResourceFilter

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE