NEAS[.]02036f3cec554f21893c2e2077334480[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.02036f3cec554f21893c2e2077334480.exe
Size

32KB
MD5

02036f3cec554f21893c2e2077334480
SHA1

9f76b093db18cd60c48f49fa92fd86a9a6a53621
SHA256

cf5b07ca5febfdd4e837d973966f935ae34253c0a29b8afd52495120a5b432bc
SHA512

7f9cb9771dc2b79311737edf243d40f2ab3cc474180cdaa4a0cc926080858be77c623b376795f2e2afac5b3798d8d74112966175371b5c5514586c0176015204
SSDEEP

384:Pwz4vtqy467esXlAHu1K+T6MPLXcMI6MdOHDf3mOWDsKxlp2W84cqFpjX:Y4VqN6B1syPDb5d3mOWDsKxlpv84tzjX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.02036f3cec554f21893c2e2077334480.exe

Files

NEAS.02036f3cec554f21893c2e2077334480.exe
.exe windows:4 windows x86

405884de03f1a4d257d3812157bfae8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
ShowWindow
PostQuitMessage
DefWindowProcW
SendMessageW
LoadIconW
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
CreateWindowExW
RegisterClassExW
PostMessageA

kernel32

GetModuleHandleW
HeapAlloc
GetProcessHeap
FindClose
GetFileSize
FindFirstFileW
DeleteFileW
GetStartupInfoW
CreateFileW
FindNextFileW
SetFilePointer
ReadFile

gdi32

CreatePen

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ