NEAS[.]41f9216f41cdcd121b2eb0cd2ac37780[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.41f9216f41cdcd121b2eb0cd2ac37780.exe
Size

48KB
MD5

41f9216f41cdcd121b2eb0cd2ac37780
SHA1

c34c7cfb9478b420c1ce93b1e837bedf89d52db3
SHA256

1d9e84bce2f936ec9eafe8ed221330fa458092c5d57fdfabd8b16a89edbc9929
SHA512

a418d1abd7af7173d40d64bf7e9c33d89559edfc00147c9a4a334e508001a6d57055c8542e9b58c021403a94c2cd926718bfd7235bfbc6d4ef5420d7a0914806
SSDEEP

768:tBaqBtBWZ8oLevyaKYutDXMBZk6kTyACGvviB9wrzKt2FSof:tBaqm8oqaazu5XYq6kiGxPK3o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.41f9216f41cdcd121b2eb0cd2ac37780.exe

Files

NEAS.41f9216f41cdcd121b2eb0cd2ac37780.exe
.exe windows:4 windows x86

25778cf156954a826f64283b6a75b49b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lwrite
_lcreat
_lclose
_lread
_lopen
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetProcAddress
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE