NEAS[.]3124d6f6a039e1772858a4908c2dbb60[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3124d6f6a039e1772858a4908c2dbb60.exe
Size

97KB
MD5

3124d6f6a039e1772858a4908c2dbb60
SHA1

2d333c17c95bdca5c39df90d97d059c93b0d5145
SHA256

64778d505ca64316ea6be13359c86ed79bb733463e815c90595895274e430915
SHA512

f080fed32543bef3e4ca2039bb4de8962185c27f1bdd4f40c78d2eb6be8e675b3ed288663bbb66dfb7c4b5b908a354f28c8971ff3be9f7cfede9a60af082aa57
SSDEEP

1536:1eXk3ATD6iSN9KMWXa7dRSTZN1FmqdOHk8o0baCBAue026xKmZedV5vRZshci8Zy:1STD6z4Fa7ONCwwBAuebqCd/sKom+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3124d6f6a039e1772858a4908c2dbb60.exe

Files

NEAS.3124d6f6a039e1772858a4908c2dbb60.exe
.exe windows:5 windows x86

99d5d54226d07fdab82543b1f9742b22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

GetDC

advapi32

RegCloseKey

shell32

ShellExecuteW

ws2_32

gethostbyname

iphlpapi

GetAdaptersAddresses

oleacc

LresultFromObject

gdi32

SaveDC

winspool.drv

OpenPrinterW

oleaut32

VariantClear

Sections

dssdffff
Size: - Virtual size: 276KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dssdffff
Size: 96KB - Virtual size: 100KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE