NEAS[.]4edf8859b9403defe012d30abac14d70[.]exe | Triage

Sharing

General

Target

NEAS.4edf8859b9403defe012d30abac14d70.exe
Size

119KB
MD5

4edf8859b9403defe012d30abac14d70
SHA1

168622538005768e12c2a6e6e9353aace90c0142
SHA256

b811c15881bed1728665ac8aa632756e1331851dadd26c5e0b7fc50293b9e10d
SHA512

2326a6f6a0c706ad9bcdcc74d60b3be4c07043e175376eed11a8cb6de3741649647ce71203be2f5023d65079d62c2b5dcaa572403a8090950c60d9554c7c6cbc
SSDEEP

3072:00WIGohTTki6+FtlloUepnKzwVR281/tqd/L:4STk+F/NepfV8811qd/L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4edf8859b9403defe012d30abac14d70.exe

Files

NEAS.4edf8859b9403defe012d30abac14d70.exe
.exe windows:4 windows x86

2a34dc5074c0ab13a61f2d9d1c73e333

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFileScatter
GetComPlusPackageInstallStatus
lstrcpynW
CancelSynchronousIo
CreateActCtxW
SizeofResource
RegLoadMUIStringA
VerifyConsoleIoHandle
GetCurrentActCtxWorker
WriteConsoleOutputCharacterW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE