NEAS[.]77f740862e418020d114e112dc570c00[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.77f740862e418020d114e112dc570c00.exe
Size

119KB
MD5

77f740862e418020d114e112dc570c00
SHA1

d17e94d8e3c3da52ead9b3572db73f64c1f82510
SHA256

536639372a353321ed46c33cd81750d6513d602dd79f194056bb28ee1d78686e
SHA512

e18888f39a976af932c41a67418c54fd2c08791052d2baaae8f4623876e6d93e16ea457b7cc67370be09cce6c0e15c6b3d2289c3a82982ae11cbd2889da2efd1
SSDEEP

1536:cYaKD7EcqKz5oG7/B0wwu+gVgk1qXx7vmuOC0SQ1rPaEwyN9pw5j3dopnXchEUnH:cgvz5orwwu+gikI9EC2o2qJet6dh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.77f740862e418020d114e112dc570c00.exe

Files

NEAS.77f740862e418020d114e112dc570c00.exe
.exe windows:4 windows x86

fe971177c4db28b520981bbb5901a3c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

K32EnumProcesses
GetMaximumProcessorCount
K32QueryWorkingSet
SetFileIoOverlappedRange
FlsAlloc
Process32First
RegCopyTreeW
GetTempPathW
GetThreadTimes
FoldStringW
PrepareTape
ConvertFiberToThread

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE