NEAS[.]150d8214a5b4428f30393946300351a0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.150d8214a5b4428f30393946300351a0.exe
Size

147KB
MD5

150d8214a5b4428f30393946300351a0
SHA1

20b31fea52051865dfa87b3ec906ba756baec09c
SHA256

3bed8f274dd71e3dad7f84801998294eefecc737661daac43591d51f666f4a13
SHA512

6f39a510ebb54e502c791509f1d6920643bcc1d1b627e8425dcfe4f3217d995b0a39d1b313514082d2dc360b2849850e6ac81367e0e474f64571ba8e1ecf99f5
SSDEEP

3072:5pJ2aDe5gUnCTSxR1JUM71m1I1qNTEmojgN8sPIdOIIQATi/9fIGxf:5pG5gpTKWMS4k/qMQ8QATi/Jv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.150d8214a5b4428f30393946300351a0.exe

Files

NEAS.150d8214a5b4428f30393946300351a0.exe
.exe windows:4 windows x86

61ac0757baf7fed117428a1dae493f48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
GetPrivateProfileStructW
GetTempFileNameA
GetFullPathNameW
FindNextChangeNotification
CancelWaitableTimer
GetConsoleCursorInfo
OpenFile
Heap32ListFirst
GetFileAttributesA
CompareStringW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 133KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE