NEAS[.]24be104ea170e5b24a067149ee0c0320[.]exe

General

Target

NEAS.24be104ea170e5b24a067149ee0c0320.exe
Size

129KB
MD5

24be104ea170e5b24a067149ee0c0320
SHA1

77484ff4ac38ec8767e45ee6485961a79431f1c3
SHA256

3acc26884acf5f447f09063b8dd6325b1374dc8c13b10e7209403930c02ba7e9
SHA512

b626d8c09110ce687c3220d88413a7a428ecae359885c3ba4f3bdeb7f5d0fa991dfe0787fea279ab3f3e8ddac31af04a2acf6b6d513e4fc3e66c123a444e1aaa
SSDEEP

3072:vl62HC+CxEQnalWb73Gpa2jTXFsl9LGIYMGM48zw7QY/Bv:vlhC+23Brr8D7b/Bv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.24be104ea170e5b24a067149ee0c0320.exe

Files

NEAS.24be104ea170e5b24a067149ee0c0320.exe
.exe windows:5 windows x86

a20ea83c469222d99839f8d25ed385d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

imagehlp

ImageDirectoryEntryToData
CheckSumMappedFile
SetImageConfigInformation
UnMapAndLoad
GetImageConfigInformation
MapAndLoad
ImageRvaToVa
UpdateDebugInfoFileEx

kernel32

SystemTimeToFileTime
GetSystemTime
GetLastError
GetCommandLineA
GetVersion
SetFileTime
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
LCMapStringA
LCMapStringW
HeapAlloc
HeapFree
FindNextFileA
FindFirstFileA
FindClose
VirtualAlloc
GetProcAddress
LoadLibraryA
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetFilePointer
ReadFile
CloseHandle
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapReAlloc

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a20ea83c469222d99839f8d25ed385d5

Headers

File Characteristics

Imports

imagehlp

kernel32

Sections

.text Size: 37KB - Virtual size: 36KB

.data Size: 11KB - Virtual size: 16KB

.rsrc Size: 77KB - Virtual size: 80KB

.text
Size: 37KB - Virtual size: 36KB

.data
Size: 11KB - Virtual size: 16KB

.rsrc
Size: 77KB - Virtual size: 80KB