NEAS[.]6d3a535366ce9cb37a1f42ffd4a57060[.]exe | Triage

Sharing

General

Target

NEAS.6d3a535366ce9cb37a1f42ffd4a57060.exe
Size

48KB
MD5

6d3a535366ce9cb37a1f42ffd4a57060
SHA1

4083089aa699821bcf8faf9e61b6f8008559c49f
SHA256

81305f9ce2f8a293379ffb5f746764e18a96827de59e274d51da327afecfeff5
SHA512

c2e3cdc35ec08790903a39238b565b509c6572cb51b2bf902bc731f52c224f8c46cd59c62fdbd2aa2945fb409b0f2c1a65ac0f3238bbfa6f8ba5dd4d0f487332
SSDEEP

768:n8+RRiZpoyuy8mVaDi1i1iHLL6LL6LLKLLupHC4ZZEdvD:nfRijoy41O00fC4ZZE1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6d3a535366ce9cb37a1f42ffd4a57060.exe

Files

NEAS.6d3a535366ce9cb37a1f42ffd4a57060.exe
.exe windows:4 windows x86

74babbed4f0b72fc479f0f3daa6bc53b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetProcAddress
LoadLibraryA
CloseHandle
WriteFile
CreateFileA
lstrcpyA
GetCommandLineA
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
GetSystemInfo
GetLastError
HeapCreate
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
ExitProcess
DebugBreak
HeapReAlloc
HeapFree
GetVersionExA
FormatMessageA
RtlUnwind

user32

wsprintfA
PostQuitMessage
DestroyWindow
SendMessageA
LoadImageA
GetSystemMetrics
DialogBoxParamA
GetActiveWindow
EndDialog
GetParent
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
CreateDialogParamA
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
GetWindowLongA
SetWindowLongA
CharNextA
ShowWindow
MessageBoxA
IsDialogMessageA

ole32

CoUninitialize
CoInitialize

comctl32

InitCommonControlsEx

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ