NEAS[.]344eae766c3504f0550644a918028cc0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.344eae766c3504f0550644a918028cc0.exe
Size

119KB
MD5

344eae766c3504f0550644a918028cc0
SHA1

0d2469557226d14d7d86d2f47cbdcaf97dc97839
SHA256

ea734fc6cd9895d814709e7307bc13064bccba8b3de74b9774927d1c3aa0c44a
SHA512

599b8fd92d76b0cfaa1a3bb473fe8070666506a2ddbcea9c81a73a40b1e5cd3b950d1dabd29ba89a02807c3aa154165b757ee783e077c5e299db345e5e55ea4e
SSDEEP

3072:eVILRMOuDuDO8fk7MfSdOfE5v6ZheiHsAH:eVK+DuCw6d/5vmsixH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.344eae766c3504f0550644a918028cc0.exe

Files

NEAS.344eae766c3504f0550644a918028cc0.exe
.exe windows:4 windows x86

5c4e36535b385fbf7cbb8c1050079bd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBW
ReadConsoleW
NlsCheckPolicy
GetFileAttributesExW
GetTimeFormatAWorker
GetModuleHandleW
BasepAllocateActivationContextActivationBlock
SetStdHandleEx
SetConsoleInputExeNameW
GetNLSVersionEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE