NEAS[.]6d5d05d466059a2f26e365cbb8777620[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6d5d05d466059a2f26e365cbb8777620.exe
Size

860KB
MD5

6d5d05d466059a2f26e365cbb8777620
SHA1

6410904f6babf2cd496ab9d25ed765377c650b41
SHA256

87fc7a6069fcdd60f0084cb899d3700d710199b05c1b8a2b5d60ef925e5acd8c
SHA512

500259745da0cdcecae2f3836a5d4f7a52dd211be1afd034c5f1b512b9ecb72f1fd4bff4251d861edeb959142c9c134d956382fe61d0aac07171445d7c039b95
SSDEEP

6144:c7Etm7Odxd+NoSs70rt8Pr6bSHSg7684s8TdIdUForaoZ1+D9CilFd3z:J87Odxdafss7TRTdIdUFuqFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6d5d05d466059a2f26e365cbb8777620.exe

Files

NEAS.6d5d05d466059a2f26e365cbb8777620.exe
.dll windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CreateFileMappingW
FlushViewOfFile
MapViewOfFile
MapViewOfFileEx
OpenFileMappingW
ReadProcessMemory
UnmapViewOfFile
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WriteProcessMemory

Sections

.text
Size: 1024B - Virtual size: 659B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ