NEAS[.]216853eca070cc8dbff6c78185bd7860[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.216853eca070cc8dbff6c78185bd7860.exe
Size

66KB
MD5

216853eca070cc8dbff6c78185bd7860
SHA1

404958124ca5d204ee45c04dd02c87756bcefccb
SHA256

eca8ff56b89737e2b0a1bf3ab1edcb4e64990eae11a37c1bd085dcb561270452
SHA512

456a15d47595c44f9c3c9c7d8360978c7e924a6461db94c0d011957aba7c2a74b7d2445ae7b7fff9ef5f61e5c72ab411130cb6b5fbfb3e61ccd4ae776a855ede
SSDEEP

1536:m5sHPFa/pRg05ZwUjM2aRM47RQTOHc5deqiEqjMsY9o:m9kaM2aRzSTOHlkdsYO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.216853eca070cc8dbff6c78185bd7860.exe

Files

NEAS.216853eca070cc8dbff6c78185bd7860.exe
.exe windows:4 windows x86

36a63380f0ff2fb6237de68af2993a7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PackageFullNameFromId
FormatMessageA
InterlockedFlushSList
K32GetDeviceDriverFileNameW
CreateMutexExA
CreateNamedPipeA
GetMailslotInfo
CreateNamedPipeA
BasepGetAppCompatData
GetDateFormatA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE