NEAS[.]8402cb18014ce21cd9080e4befc388d0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.8402cb18014ce21cd9080e4befc388d0.exe
Size

2.6MB
MD5

8402cb18014ce21cd9080e4befc388d0
SHA1

db1e4bb52946d793f4a17378e8b392cf90e1df9b
SHA256

754a37a70d1c8d159b85e7bf04d60c42f76817925bf2905b49ee3e3d0dde2f65
SHA512

18689689102bf2fa7409a18ac3dc5822fd37341266808796cb223876577d1090ac2b60782de9b55a2a831449b2b95a9f7d3370eb7cccde05c9135dbc435c41bb
SSDEEP

49152:P00c7OZErNIH8dip2IJxyWZ1hJ9i9jIJUzs67k3Skvb4AEw67Eks8UoZb/4u/olw:pGOqruVsCgMY9jIKzs6o3Am675ZbQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8402cb18014ce21cd9080e4befc388d0.exe

Files

NEAS.8402cb18014ce21cd9080e4befc388d0.exe
.exe windows:5 windows x86

e6bb0f11cbbe19e4f2ac72c3e80920d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32 kernel32

TranslateMDISysAccel �/

Sections

CODE
Size: 352KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ