NEAS[.]bdb18e2b45634a890e3549c21ae4d0f0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.bdb18e2b45634a890e3549c21ae4d0f0.exe
Size

141KB
MD5

bdb18e2b45634a890e3549c21ae4d0f0
SHA1

70eaa9a5a9466237dc638083db1536ed3c6b7e81
SHA256

8efbab22272a6a53c8a5b1a7636f2ec57a0643b8df86d1b180362da5ec519c06
SHA512

de132596ee4a164b915b9ad99b4ec28b1b5d2a5f74f73a1a243c4ae7f4870777cda501f744a45d891bcd44eb021a19942ed69bbfaaca47eb205d00d0910f7e67
SSDEEP

768:PtTUci1E0aLk07pcSN9wGnqRUcOlK0Hms3F9dTU5D8QfRU:VTPi1ELo0iWwGvcOlrRIm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.bdb18e2b45634a890e3549c21ae4d0f0.exe

Files

NEAS.bdb18e2b45634a890e3549c21ae4d0f0.exe
.exe windows:1 windows x86

c2e2a8817b1498281174d783baffd9e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleHandleA
CopyFileA
RtlUnwind
SetFileAttributesA

user32

FindWindowA
BeginPaint
EndPaint
UpdateWindow
LoadCursorA
LoadIconA
LoadBitmapA
MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA
SendMessageA
RegisterClassA
PostQuitMessage
GetSystemMetrics
ShowWindow
CreateWindowExA
DefWindowProcA

gdi32

BitBlt
GetStockObject
SelectObject
CreateCompatibleDC
GetObjectA
CreateFontA
DeleteDC
DeleteObject

crtdll

__GetMainArgs
exit
raise
signal
strchr

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 24B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 376B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE