NEAS[.]21369b5d1bce774b09cbf005a30c4e30[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.21369b5d1bce774b09cbf005a30c4e30.exe
Size

119KB
MD5

21369b5d1bce774b09cbf005a30c4e30
SHA1

45bc853bcd36ef872ae8fc502e4617be858c5c73
SHA256

09f08933bc820992cb459185fc9645a19f0967b35b1c32d81cf0062e6bddda6f
SHA512

a6a6e2795a8cc10cfca1c789129918c7a13b815e198de9331a5611faa69bb2a555df7ed40d1209b6ae50e50f4e9c52962054a3bbb122932eb9af4dc2b18e112b
SSDEEP

3072:xK6nQoK6DkgWuDBlIXHwuDRdE7FwYsiPoceidjq94:t/K6ogWubIXZChbsiQceiV84

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.21369b5d1bce774b09cbf005a30c4e30.exe

Files

NEAS.21369b5d1bce774b09cbf005a30c4e30.exe
.exe windows:4 windows x86

4acd9153ad94e9451e90cd96cdfac565

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenSemaphoreA
IsProcessInJob
CopyFileExW
GetCalendarInfoA
GetStringTypeExW
GetCompressedFileSizeA
GetModuleHandleA
SetPriorityClass
QueryActCtxSettingsWWorker
BaseIsAppcompatInfrastructureDisabledWorker

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE