NEAS[.]554b2fc9e5a40e13d2c828f24e0af5a0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.554b2fc9e5a40e13d2c828f24e0af5a0.exe
Size

119KB
MD5

554b2fc9e5a40e13d2c828f24e0af5a0
SHA1

6edf21a9bb584e0fd541f05d8a957a5169e0157e
SHA256

f60f6e6df4cbd658018efeff180612e99fac2b3b4ee03e3c6557c7796f8942a4
SHA512

f331097886e3fe5b6bfe9e73d7e579600998620f062d6a8ee6a4f3f155c91333dd389b41fd67f40585cfd491dd7c2b069bab397166fc9de7223bcaf6008fba84
SSDEEP

1536:wmSFTUVg0xjb/sC4gZc580ozdNRRSJuYza9YsXOQdZp3s9qJbovij5PX0Uz76pvD:wmyw53iqk80oH32k89CoyMUz76pvNmE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.554b2fc9e5a40e13d2c828f24e0af5a0.exe

Files

NEAS.554b2fc9e5a40e13d2c828f24e0af5a0.exe
.exe windows:4 windows x86

deab32067d68990328a34e79fe1e7135

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
SetThreadPreferredUILanguages
ClearCommBreak
IdnToAscii
GetDefaultCommConfigW
RequestDeviceWakeup
GetHandleInformation
GetProfileSectionA
ContinueDebugEvent
RemoveVectoredContinueHandler

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE