NEAS[.]4e260e767453e3ea6c25aaed008917f2[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4e260e767453e3ea6c25aaed008917f2.exe
Size

77KB
MD5

4e260e767453e3ea6c25aaed008917f2
SHA1

611df984ceb3697d7d50362b0d9e2e92bd154b5a
SHA256

1bb849e866b0f48daa86791b0321fc69c671343bd8b65f3c91a086c8f6e8bb74
SHA512

691b4d02f47476e144a00f1c7b19b119e5bc7fca3c0f544ebcca82d9fcdb0b41006fe4e76216208d225b55d6fbbfb0579d13fe32249a9c4025ad63c7bde22fdb
SSDEEP

1536:UOzC0tKyIy9nOM8e5rqYJkdpzCEw2dnUK:UO9Ro2rqYyXzCEwGp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4e260e767453e3ea6c25aaed008917f2.exe

Files

NEAS.4e260e767453e3ea6c25aaed008917f2.exe
.exe windows:5 windows x86

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

SVDUWDGW
Size: - Virtual size: 160KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SVDUWDGW
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE