NEAS[.]f064f6c1f21897ff1cb7e842e84e0d10[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.f064f6c1f21897ff1cb7e842e84e0d10.exe
Size

119KB
MD5

f064f6c1f21897ff1cb7e842e84e0d10
SHA1

559b427e1dd6c83f3c4f7186f329aa2f173f62ba
SHA256

dae6f6e2474e8192cbde8af07822f7785f0c816b26469b020f4cc8f8c3c27569
SHA512

27bd9723da4c60dd060bc62d0790e2cce3c7be59bdf12d8e6f1e26af0d28204ea09862498b81e2a48d0051143fb05181e6b1c392e57d997b126d1f3230cd6540
SSDEEP

3072:FGohY+jxS45Wi/tnmGK/ipFqe8uqBKajnQZaaj0IIZa:Fz70umAqV/djnmB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f064f6c1f21897ff1cb7e842e84e0d10.exe

Files

NEAS.f064f6c1f21897ff1cb7e842e84e0d10.exe
.exe windows:4 windows x86

d5b32858cc88c532f8af5c4ec9e62efc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
lstrcmpA
EnumResourceTypesW
GlobalHandle
RaiseInvalid16BitExeError
ApplicationRecoveryFinished
GetDllDirectoryA
GetVolumeNameForVolumeMountPointA
Heap32Next
ReadConsoleOutputCharacterW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE