NEAS[.]78bd3b10b10f5b6fb782780d776cc220[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.78bd3b10b10f5b6fb782780d776cc220.exe
Size

66KB
MD5

78bd3b10b10f5b6fb782780d776cc220
SHA1

5eed0d2107e7d3f1956ab1a5fa446518455168c8
SHA256

cf6aeb22f5eab99b6af57f2cda60dcea96c3a3cce385e65f8bdd1d6e4f484339
SHA512

3290b0e5b3d4f4e6a397a83c316b947c32bbe384b45f82d8b4d2cf33866f099144957dbd58e98ca63b8897be192f6c30c123eaa21ca4c316d8234823d31e53f0
SSDEEP

1536:GoZHDwO+ymgP9VGeOjcbTg3OYjrnX578WUrFG4:GoZHD7+ym67OIHg3lPyFG4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.78bd3b10b10f5b6fb782780d776cc220.exe

Files

NEAS.78bd3b10b10f5b6fb782780d776cc220.exe
.exe windows:4 windows x86

7d2d86ebe7b369e1740b8ff8e96c41f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsWow64GuestMachineSupported
ReadConsoleA
IsDBCSLeadByte
SetCriticalSectionSpinCount
LZClose
CheckRemoteDebuggerPresent
SetDefaultCommConfigA
CreateSymbolicLinkW
CreateFileMappingW
GetProcessHandleCount

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE