NEAS[.]526cb50175915e967f445ac7bf240df0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.526cb50175915e967f445ac7bf240df0.exe
Size

2.0MB
MD5

526cb50175915e967f445ac7bf240df0
SHA1

ecfdc92cee9e653a97d299299eaf2bf42808c17f
SHA256

f1a7a81e2b8bc46b98c3672bdaaecdb7eb91ebf8e9c1396589c6fa47a812cad7
SHA512

d153d2cea9a5ae40905a382adeaab86f6a2aeda06d9e37949384d1b27a8b534cd6b98903b8d052d65c5b9723f6b451089e514f2fa602a8ffefd80c7729e44a76
SSDEEP

49152:RJh4f4LmZOq/dgv6SgCpxdwO3cy5PzTuAvnKpPwsIcI4Q:RJhbmZVW6BCpHwcdLqAyrIcI4Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.526cb50175915e967f445ac7bf240df0.exe

Files

NEAS.526cb50175915e967f445ac7bf240df0.exe
.exe windows:4 windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 376KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eqdemest
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yijaerra
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE