NEAS[.]9bdf5310e5abe75089ef8a39acd60e50[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9bdf5310e5abe75089ef8a39acd60e50.exe
Size

1.8MB
MD5

9bdf5310e5abe75089ef8a39acd60e50
SHA1

15fc9c6dc4811821c1bd85ae00f17c369b19c32c
SHA256

caef4083500ce7952247913e8cf4aefe913ed2c74bdc6ac566d04949727c7b2e
SHA512

b60744f5fb4ddcd04b8dc38d81ec7ca97b382a487ff1b618832e93b687ff02b6977b0eba7feaeb4861621432095592e4f9bed1d27d5d210fa57898f15ae5c87f
SSDEEP

24576:yjw1m//9U9xMtjJ6MEu6X+m5pXjCHOqAXKAfPpskpNm/uU0pRiP/zqLvjXLptr:yymHAMtjJ6xutmbjI+DV7m/uI3G3b7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9bdf5310e5abe75089ef8a39acd60e50.exe

Files

NEAS.9bdf5310e5abe75089ef8a39acd60e50.exe
.exe windows:5 windows x86

c5deef11ea28ffa7dd2b187dc2cf7af3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockFile

user32

OpenClipboard

gdi32

CreateDIBitmap

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantInit

comctl32

ord17

ws2_32

recvfrom

comdlg32

GetFileTitleA

msvcrt

malloc

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

CODE
Size: 320KB - Virtual size: 908KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ