NEAS[.]6df271b9f0ff6bec659598099425f580[.]exe | Triage

Sharing

General

Target

NEAS.6df271b9f0ff6bec659598099425f580.exe
Size

248KB
MD5

6df271b9f0ff6bec659598099425f580
SHA1

6496035e70ec51846b7aed018b224a2325a5f061
SHA256

7c6f5fdbd118a9ad331602894cb1981ba61081f0bd775d11b18b8381d3e32dc8
SHA512

29c521ec802e315d3d2facf4e38b650c58a762b969f9ee4ff66826fdc5dc094f765af1910ffd2f6d527ca8b9aa3c2c26a3ad542d300c2fa0e9096c070747c077
SSDEEP

6144:aJuXtXxog5E+FWPNfrf6yGEssQxNpbMDk:W8XNE+FuNfrSyGEssQJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6df271b9f0ff6bec659598099425f580.exe

Files

NEAS.6df271b9f0ff6bec659598099425f580.exe
.exe windows:4 windows x86

3e3d633779e35448851e7a9ca7e72522

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

CoInitialize

Sections

.MPRESS1
Size: 170KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE