NEAS[.]d2e55c16d2f2feb5941d790588413250[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d2e55c16d2f2feb5941d790588413250.exe
Size

66KB
MD5

d2e55c16d2f2feb5941d790588413250
SHA1

dae3ecb4caff844b23c1fcfd3a00e2b6a3b9e0e2
SHA256

3ad413a4b022574a6df75a92db8760978127148027aec0477c186e6d554d8eb3
SHA512

f7c28ec304fefa6ee0a6946170d3d1d6e9c414abad8295144eec9e6cb02c1b52d4d92b89641d45cffcc0f9c0e58cfa1414d3aaa07aebc5263296bea861efec91
SSDEEP

1536:d5792c1ShqeG+6DoTneuGTlLZZkYc0ggjXyofZWv/vr9P1CrJkl3Tp5Wv:X8c1Eqe0kyu2lI0ljXho/vrXC9klDbm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d2e55c16d2f2feb5941d790588413250.exe

Files

NEAS.d2e55c16d2f2feb5941d790588413250.exe
.exe windows:4 windows x86

2f138a8d4a450e5e2c672e1237e68934

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleKeyboardLayoutNameA
WaitForThreadpoolWorkCallbacks
CreateWaitableTimerA
GetCurrentApplicationUserModelId
PowerCreateRequest
SetComputerNameExW
BaseWriteErrorElevationRequiredEvent
DisassociateCurrentThreadFromCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE