NEAS[.]71aafb0fcf3a22b7c84999378a21ee80[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.71aafb0fcf3a22b7c84999378a21ee80.exe
Size

66KB
MD5

71aafb0fcf3a22b7c84999378a21ee80
SHA1

848f1e0c3722347726683b8843f8d9f22e7724ad
SHA256

0cf6c3a2a100042a4b16e42026ff33ac33048a9768a27bc82ea76e0355b547de
SHA512

14531c2513656743ea454d1076086f88b81cc10094d61b0e61027104dd4448e73f771c09dc8443d847bf062ec5a6080f08a1c845892c0b20819057d590ab712e
SSDEEP

1536:S/K6+CFNeV/fijDDN/X9vqVO3IMO8pBmnLV3dN:mK6HF6XijPN/tvgMOkeLvN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.71aafb0fcf3a22b7c84999378a21ee80.exe

Files

NEAS.71aafb0fcf3a22b7c84999378a21ee80.exe
.exe windows:4 windows x86

2f76b9e399b196af7d29102769140aa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
NlsEventDataDescCreate
UnregisterConsoleIME
BasepReportFault
RegisterWaitForSingleObjectEx
SetFirmwareEnvironmentVariableA
GetProfileStringW
FindNextStreamW
ReleaseActCtx
PssWalkMarkerSetPosition

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE