NEAS[.]d816e44a988b3411f9c82ef04cc9a460[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d816e44a988b3411f9c82ef04cc9a460.exe
Size

66KB
MD5

d816e44a988b3411f9c82ef04cc9a460
SHA1

abe0a13ac984a20174855c4e9eee59d602082413
SHA256

7210e1267bbd3d61e7b930a202d7397d64a9db93d4fef2c085f2a9cfa057c4d9
SHA512

bd1feb643513d29e1cbe6201a52d615275c4fba7c392f97d7e065cce6403199eac625eec3c34e2dcfbada347cb67d04c6b9b595ba7f512e99679bc99bd66b365
SSDEEP

1536:1pMP64tBSLDf2KOfAGjxgLflkLHZYKdkiTAI:1pI5ELD2KGxgLlkzd5T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d816e44a988b3411f9c82ef04cc9a460.exe

Files

NEAS.d816e44a988b3411f9c82ef04cc9a460.exe
.exe windows:4 windows x86

42b5cb8c99cc7a7874f6f9b0632f2e79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindActCtxSectionStringW
EnumSystemLanguageGroupsA
GetLongPathNameA
GetComputerNameA
timeBeginPeriod
OpenProcessToken
GetEnvironmentVariableA
SetCurrentConsoleFontEx
CreateWaitableTimerA
BaseCheckAppcompatCacheWorker

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE