NEAS[.]63a148e6b9e7d0a4c20f689c78491070[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.63a148e6b9e7d0a4c20f689c78491070.exe
Size

4.7MB
MD5

63a148e6b9e7d0a4c20f689c78491070
SHA1

10be7f496b158cb2207971da0cb3d534293bce0f
SHA256

190ca65a94e0c62282433cd502bf24fec3d7caf618b0b62b73f26ccaae1a106e
SHA512

f1fb4bf722305f28eaa1c1409af2a0674cb073db52a60cc912a42d34345b1bc1fdbb6fd6786aeb8ae6ca9c88dfc373d35a281b348ccc41a8f535fc8f74e5e175
SSDEEP

98304:dE9RjrbzLe0NDE99wv+9On8Podo8TCJQHFX:dCG0NAIlnxdo8TC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.63a148e6b9e7d0a4c20f689c78491070.exe

Files

NEAS.63a148e6b9e7d0a4c20f689c78491070.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.snaker
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.snaker
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE