NEAS[.]ec2b754fe03d016f064babde5535a030[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.ec2b754fe03d016f064babde5535a030.exe
Size

119KB
MD5

ec2b754fe03d016f064babde5535a030
SHA1

0215df50294c8e2843183d42d789a036e502b9fe
SHA256

a751e658794ee4aee853f8c6228afcad3a17be2dc56da8fee979e3b426aca5a6
SHA512

188d2c420982389665fcdc36618b054cfe3c6a5bdb254c59a7755cb8212f1b5097fd4ed1a5435a1f0703ac7939f2a87ce14ddd429303e34416ea8f55be485f34
SSDEEP

3072:4+jZO79PQaVAFeDdMGQ/hrj3NqoGuO/GN6iB6P8BVjSBK9:4+jZsPQaVAFsMGQdARrGN6iB6PujSBK9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ec2b754fe03d016f064babde5535a030.exe

Files

NEAS.ec2b754fe03d016f064babde5535a030.exe
.exe windows:4 windows x86

42004a09ee043f74ee3884f98c72bc51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
LZCopy
GetStringTypeExA
EnterCriticalSection
RegQueryValueExA
CommConfigDialogA
CreateSemaphoreW
GetSystemTimePreciseAsFileTime
UnlockFileEx
CreateProcessInternalA
QueryActCtxSettingsW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE