NEAS[.]1640f61ac6ce8472c93ac19e7da5fe40[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1640f61ac6ce8472c93ac19e7da5fe40.exe
Size

66KB
MD5

1640f61ac6ce8472c93ac19e7da5fe40
SHA1

c21439a217186d6c098ef3566179579819692ebc
SHA256

d7bc407d09ccae66b0a5d64dc8262e51adbcaab578ae0bc15c5e6eb658aed65d
SHA512

853c2a4645dc67b7a1a6d2a0bb7d608bd06fe5865a05ab29e0740994396ad7c83efaf86b1e65dd0a32acb7a425e104d5eed740fdf24cee59bfbb16b6c6980264
SSDEEP

1536:1xaT3oL2MBukaAIu6RMnGsViNE5dTkYyF9py:nmtkaFuvcE5GZFW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1640f61ac6ce8472c93ac19e7da5fe40.exe

Files

NEAS.1640f61ac6ce8472c93ac19e7da5fe40.exe
.exe windows:4 windows x86

f92f32a24468e81f5a065789d7f23ab7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCursorMode
CreateTapePartition
BackupSeek
QueryIdleProcessorCycleTimeEx
IsDBCSLeadByte
FindNextFileA
FindFirstFileW
SetSystemTimeAdjustment
DeleteProcThreadAttributeList
PackageIdFromFullName

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE