NEAS[.]1134414c537ff93ce7ae1b9b254853a0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1134414c537ff93ce7ae1b9b254853a0.exe
Size

22KB
MD5

1134414c537ff93ce7ae1b9b254853a0
SHA1

b72467d9fa217d1e984d5f294724d9e11f11fb86
SHA256

40d2b97f508c7dc4d4e2e918719dedcca615928d100197a0a09c375508b87e34
SHA512

7c71d410d651a8fea5e7d28db0b67fad7bc7484c4503e6a80a2e0421f8e0e0da66f4c72dc3d2d20b7dfb60bc1f857f380dfeefa63cb47931d8a953054baff063
SSDEEP

192:1YOmJ2dUYnt0ZVJVx+zXIKk21NMvPktX13S3o+Iq7wOH55Ii3uyjDvTOTlvm7:Vt0Zz+EdtvsGLtF7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1134414c537ff93ce7ae1b9b254853a0.exe

Files

NEAS.1134414c537ff93ce7ae1b9b254853a0.exe
.exe windows:4 windows x86

1e84ffa21ab885469d86810171c6502a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvidctl

GetProxyDllInfo

ole32

StgOpenStorage

kernel32

RaiseException
HeapSetInformation
GetCurrentProcess
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
Sleep
TerminateProcess

advapi32

CredFree

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ