NEAS[.]586cc5807ed45d1767a2abea95b57160[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.586cc5807ed45d1767a2abea95b57160.exe
Size

119KB
MD5

586cc5807ed45d1767a2abea95b57160
SHA1

04ddbf08ba54a131bd0bfd0712ab472aa52508d6
SHA256

0cb332bad365f7a8e1848c7ee997c4a66b55a9ac37db54d22f0f95f5fe265266
SHA512

5e83781cb93c4ba8a40b8a6c6f672aa156135837efae29128abbba736ff1721ffe3890d5dd89a03bbf4d42cd09518223af0e64c6131d09838688f36e704a0062
SSDEEP

3072:gDW6MyFrZkktOkFX4BAXd/dB/+KOS3hS9Sho:oW6MyFrZBXOMd/dBVZ3hSco

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.586cc5807ed45d1767a2abea95b57160.exe

Files

NEAS.586cc5807ed45d1767a2abea95b57160.exe
.exe windows:4 windows x86

88997f2f679a2dced609741ba0e4f5ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommMask
SetConsoleCtrlHandler
CreateTapePartition
SetFileAttributesTransactedA
BeginUpdateResourceA
SetProcessPreferredUILanguages
LocalReAlloc
GetTapeParameters
DeviceIoControl
LocalLock

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE