NEAS[.]1a4dd2c5dd412c7ba2aca930bf5f5cc0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1a4dd2c5dd412c7ba2aca930bf5f5cc0.exe
Size

119KB
MD5

1a4dd2c5dd412c7ba2aca930bf5f5cc0
SHA1

39f0c183dbe3d97a0b6f58ce9ac00ca2555b4a83
SHA256

862b6dda5739bfa15ec62e7b5afa8d66127f8a55371cd23968daeb34b3d962ee
SHA512

521661e9e3fea5dea4a737cb15fdf016c89e5943f5e1b41e059fbea3290a003dc941ef54efea0a3e46e9ca76123a7769a25e98a268fbf2fd8ab2dc36c627c895
SSDEEP

3072:IQqxtVyq/1Y9oPH78dQ5T1FFEBTdsRyh/sclrw9bFQGbS:vqxtx/GwH78mB1FFKhs6swk9uG+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1a4dd2c5dd412c7ba2aca930bf5f5cc0.exe

Files

NEAS.1a4dd2c5dd412c7ba2aca930bf5f5cc0.exe
.exe windows:4 windows x86

20f548d1faa87b3be2cc6a5c03828440

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
CopyFileTransactedW
RemoveDirectoryTransactedA
EnumSystemLocalesEx
EnumSystemCodePagesA
PssWalkMarkerSeekToBeginning
DnsHostnameToComputerNameExW
CreateRemoteThreadEx
GetVersionExA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE