NEAS[.]d058f9ebe3ba7e70ddc6a951e972ee30[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d058f9ebe3ba7e70ddc6a951e972ee30.exe
Size

7KB
MD5

d058f9ebe3ba7e70ddc6a951e972ee30
SHA1

5e9bb0927a868f4a8c17f59271de227f805e60a9
SHA256

b63b5300c90df0677df5f14f28282643de6dcf083f5d599723692ec928e49508
SHA512

80d31306486d70fbb34c18a4706120492382f258cf510932abab0316e4d96af34f167ac17acc101fdf74ef50e9eef3197bd9f86254672b9ef82f51c271b059b6
SSDEEP

96:jp7L2y5gROQvgP8iqSfwqSgHVJ4H3pdTyBJz:jp+y5COQvg0i1wW1aH3p0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d058f9ebe3ba7e70ddc6a951e972ee30.exe

Files

NEAS.d058f9ebe3ba7e70ddc6a951e972ee30.exe
.exe windows:4 windows x86

28d208ddd466ea14606f003efd460636

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
WinExec
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetModuleHandleA
ExitProcess
GetSystemTimeAsFileTime

user32

wsprintfA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcr71

_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_controlfp
_c_exit
_except_handler3
__security_error_handler
??2@YAPAXI@Z
??3@YAXPAX@Z
_amsg_exit

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE