NEAS[.]27acc73c70fc3807ffc47638b11f9c40[.]exe | Triage

Sharing

General

Target

NEAS.27acc73c70fc3807ffc47638b11f9c40.exe
Size

66KB
MD5

27acc73c70fc3807ffc47638b11f9c40
SHA1

eedc91e5fb04f6823e9a115a340b831212dd8b70
SHA256

949d5920b78737831a26c1bc2dfc8fd866405c8be31f8a85d9d7a9d792eb5a97
SHA512

931f68c9b6584c562d0de654f07992bbfdd4a3dae27e733788111dc8d96ac58468f3d26e5a78af65a293ade0e11834e3890c4835ad52f4cd077eac52d7e3528c
SSDEEP

1536:nobB7OutIa/gOSP4a+xt5ZmA63vDjdvF8du0AJN2/T:nobB3IsguDtSNDjdd8dj0cT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.27acc73c70fc3807ffc47638b11f9c40.exe

Files

NEAS.27acc73c70fc3807ffc47638b11f9c40.exe
.exe windows:4 windows x86

8a73b12b1907aec25d9124c416eade2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetIoRateControlInformationJobObject
DeleteFileW
BasepQueryAppCompat
InitOnceComplete
GetComPlusPackageInstallStatus
LockResource
MapViewOfFileExNuma
CreateProcessAsUserA
IsValidLanguageGroup
GetConsoleHistoryInfo

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE