NEAS[.]c72f980f0b79daf1634b029ae92f89c0[.]exe

General

Target

NEAS.c72f980f0b79daf1634b029ae92f89c0.exe
Size

105KB
MD5

c72f980f0b79daf1634b029ae92f89c0
SHA1

f0b70a9a82573ed584c236453bc9b3ac1a0c27d7
SHA256

87ef5a69eea3f9dfafb95c1fdcced8d184d390d2497c56e51c8af77b1acd7315
SHA512

6f6435da552d5070c28a6374491a35814468362e32c880c34b3d010bd7b3e2fde0e82098c6359e7f905bf192b97225685fb56df971e82cfd3963c6061d45374f
SSDEEP

1536:luyD0guBJEpw0TMMzMymDZgHgxJ0Ra3HHl2IGly/4yZ/JeozjE1l/HPGkGKTrKuP:/uvM3mDZgAxJ0RSEK/VHAlB9H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c72f980f0b79daf1634b029ae92f89c0.exe

Files

NEAS.c72f980f0b79daf1634b029ae92f89c0.exe
.exe windows:4 windows x86

20c0a20fcc4e2a519751f357aa493502

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
FindNextFileA
FindFirstFileA
SetEnvironmentVariableA
GetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
CreateProcessA
CloseHandle
FindClose
GetStdHandle
GetFileType
WaitForSingleObject
GetLastError
GetExitCodeProcess
GetVersion
GetFileAttributesA
GetCurrentDirectoryA
GetDriveTypeA
GetLogicalDriveStringsA
FormatMessageA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetVersionExA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
WideCharToMultiByte
LCMapStringW
SetHandleCount
HeapAlloc
HeapFree
WriteFile
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
GetLocaleInfoA
GetCPInfo
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
GetACP
GetOEMCP
FlushFileBuffers
SetStdHandle
CreateFileA
LoadLibraryA
RtlUnwind
InterlockedExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEndOfFile
ReadFile

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

20c0a20fcc4e2a519751f357aa493502

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 8KB

.data1 Size: 65KB - Virtual size: 68KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 8KB

.data1
Size: 65KB - Virtual size: 68KB