NEAS[.]c5072d981dd691e533d1b16cdbed1f90[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c5072d981dd691e533d1b16cdbed1f90.exe
Size

119KB
MD5

c5072d981dd691e533d1b16cdbed1f90
SHA1

678fc6573ea4a2efaaba93e5b1b71ce0c5cc4452
SHA256

029959ca843cd9b52462f3df2b49a6d2bcd1441cd86e8948e921ac65fa75cefc
SHA512

3a6423414cbf6a7cf22b6ae9832d248e8a65864587811fb6ac48bf75d275ddeed433ffcb822d4a1deea53a2842d9c28a4db386d62c6c9dacf403ab29d481b1a1
SSDEEP

3072:Limq+OjoU1Fwn6soXLiT+ytRTAc+jiK3bCa3t563iMu4/7:e77CzAsptRAN3bZk7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c5072d981dd691e533d1b16cdbed1f90.exe

Files

NEAS.c5072d981dd691e533d1b16cdbed1f90.exe
.exe windows:4 windows x86

ce513644cb84d78db44dd9a6d43858d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
TermsrvGetWindowsDirectoryW
LoadLibraryExW
timeBeginPeriod
AppPolicyGetShowDeveloperDiagnostic
SetCalendarInfoA
BaseFlushAppcompatCache
EnumTimeFormatsA
CreateEventW
DiscardVirtualMemory

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE