NEAS[.]01c49202c3dc39c5d9a45e71ee45d1e0[.]exe | Triage

Sharing

General

Target

NEAS.01c49202c3dc39c5d9a45e71ee45d1e0.exe
Size

119KB
MD5

01c49202c3dc39c5d9a45e71ee45d1e0
SHA1

23bed453f3de95fd3c66b3a8e0b517e3ed3718e5
SHA256

2cda8f8c3b9651974b509af11267883216ae542cb38640ba05d7f8a4375f4e27
SHA512

22608d1725002f44e634e0ab98c5dc0ceb7aa18b7e052d8dbd4e4efdbf8a0a5d2641dcfbdfcb9989b4eeb717e3fcdaf42e99cc464b808e847ff83832b2c164c0
SSDEEP

3072:D7/GVoKQ2vo0H/LY/SAUqZTtDq8VPOMlNhkXNklHfR0RDpppqR8Z:v+VVw0CSA3Dq8VPrxUOHZENpb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.01c49202c3dc39c5d9a45e71ee45d1e0.exe

Files

NEAS.01c49202c3dc39c5d9a45e71ee45d1e0.exe
.exe windows:4 windows x86

407dfe6edf91500dd8dfcd2263c85f92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringW
SetCommBreak
CreateWaitableTimerA
HeapCreate
GlobalLock
NeedCurrentDirectoryForExePathW
SetCommBreak
LoadStringBaseExW
GetFinalPathNameByHandleW
GetConsoleWindow

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE