NEAS[.]8c4a6c14ba6e4ba79f7daae9d247ece0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.8c4a6c14ba6e4ba79f7daae9d247ece0.exe
Size

119KB
MD5

8c4a6c14ba6e4ba79f7daae9d247ece0
SHA1

3646fc66df86ea20bddb8e0b2997f6facc1fd2ff
SHA256

2c9480ab8bba8bf62d21a38c34e2ab7f3b8fc83f0d281abc4e42abc8118f818f
SHA512

732fd8cc57274111d04adc8e48d6b5f6821823c907b86481d1a80c1cf36228da243709be3a46768fc8af93d423fc1da09697eb9ec1616926a0d56d75388d225c
SSDEEP

3072:GGZt/+6DYmBUqcptSWAIe3NU7enDv1SF1rrio00RHr:GGZt/+6DYcPcT+Ie3NUSnD4co0aHr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8c4a6c14ba6e4ba79f7daae9d247ece0.exe

Files

NEAS.8c4a6c14ba6e4ba79f7daae9d247ece0.exe
.exe windows:4 windows x86

cd4e336f01d7e655b326c89170737256

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleDisplayMode
DeleteAtom
RegUnLoadKeyW
EnumSystemLocalesW
InterlockedExchangeAdd
Heap32First
IsThreadAFiber
SizeofResource
VirtualFreeEx
lstrcpyW
RaiseFailFastException
RaiseInvalid16BitExeError

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE