NEAS[.]15670451ed1fa4932fb8f83111fd2690[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.15670451ed1fa4932fb8f83111fd2690.exe
Size

119KB
MD5

15670451ed1fa4932fb8f83111fd2690
SHA1

4fbc178bd51640670aa7c2e4fe3eeabb5c8d9ae9
SHA256

eda1adf36fde420535227d5547ff205bfa56844b05717afa5bff60fcae754e10
SHA512

b4fa1e67de792269f1fa8155d9a5b4fda445ce77c855b2d3d4a95c476f686d97c74b0ed2d8b9aa645234f725ef1dce3e10f7dd63c67574cb6aaeba1338c6d71e
SSDEEP

3072:lFBeUF4TpCM1VVI/OVB8fxN3/Y6FYoPgg+vgftZu1HliVT:lFf8pP18OVGZNPYYV+vgftZWHly

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.15670451ed1fa4932fb8f83111fd2690.exe

Files

NEAS.15670451ed1fa4932fb8f83111fd2690.exe
.exe windows:4 windows x86

392021946d949f42ac84ccd9e844e690

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCommandHistoryW
NlsUpdateSystemLocale
GetNumaProximityNode
LockResource
SizeofResource
RegEnumValueW
SetConsoleTextAttribute
ConsoleMenuControl
SetCachedSigningLevel
QueryInformationJobObject

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE