NEAS[.]b79b2e0ccf999e5c70d41631d4e02c90[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b79b2e0ccf999e5c70d41631d4e02c90.exe
Size

355KB
MD5

b79b2e0ccf999e5c70d41631d4e02c90
SHA1

f8a57dc58b29b09934b9436b785ed962f2b365c1
SHA256

6a3d90a519e0dc325996ebca0a47846503291c33b7d8e6c3dbdcc59c6812a8ef
SHA512

4c070e6d2bb82af82c8ecc8bcad4de052463dc33d63d7d242493c273920cec8d99c08ae24b66470a4f166c43da8ef922dfc6b146011b3b3bcb75aafd8a8428c7
SSDEEP

6144:56DxkirMjBMiDX53L47Cho1lJ4h7UgUN5RYnCjSUfr4Tt5SZehVS:56V3k3phuFPfj7fr4R5YmVS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b79b2e0ccf999e5c70d41631d4e02c90.exe

Files

NEAS.b79b2e0ccf999e5c70d41631d4e02c90.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 10KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ