NEAS[.]bd363dbb524dde4190de434e4a86fc10[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.bd363dbb524dde4190de434e4a86fc10.exe
Size

119KB
MD5

bd363dbb524dde4190de434e4a86fc10
SHA1

9a6e917e02e437156fc204dea95e2214c4bb5c8c
SHA256

4bab98c1d7904e79f16cec434469509d2fca2a89268aaadd9f95e613dc3c533d
SHA512

4ea8776bdc3f3584d5e5558ca1e739e13465db8bc2aba6e13711a5e29da92266cc61da064598355617d5a4cd138b17b3c1646d2318f9f267d731bc7b6b49de16
SSDEEP

3072:XRwLpwfM50t7l2rxU+kTnB4S1Y1+qn/fz8:UGO0lX94h1+0g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.bd363dbb524dde4190de434e4a86fc10.exe

Files

NEAS.bd363dbb524dde4190de434e4a86fc10.exe
.exe windows:4 windows x86

94fd7f709a68b3fb80dc18e9a24b7442

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnfix
LZOpenFileA
GetEnvironmentStringsA
EnumLanguageGroupLocalesW
PrivCopyFileExW
GlobalGetAtomNameA
SearchPathA
SetThreadGroupAffinity
AddVectoredExceptionHandler
GetConsoleDisplayMode

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE