NEAS[.]f57fef7badffb8ef2d6452c456da9930[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.f57fef7badffb8ef2d6452c456da9930.exe
Size

119KB
MD5

f57fef7badffb8ef2d6452c456da9930
SHA1

08bf1bf611d93ee6975e6c7df4b1b522bbbed4ec
SHA256

c2a76b3db1d4a17c8cb476e7b1fc958a34e120530572964f7df2d0870d8bae3f
SHA512

fe4af80fca4bbf03ff0e8e20b1cc2cfb4e32a30ee9fe11d6a25d7fc61189e06b249f624ffaf3762ba54e8bdcf6f4ed872af288e653b8794026fbe7fc40f1f701
SSDEEP

3072:XDxrbZfEQhUTI4ZhsIVcE2Sc19qYaTd7hsBJ8MAQDeuUAE:XffDUT1CEA19baT1hqXDeug

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f57fef7badffb8ef2d6452c456da9930.exe

Files

NEAS.f57fef7badffb8ef2d6452c456da9930.exe
.exe windows:4 windows x86

91f8bd44f089ef4872e83cdebb901e9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BasepReportFault
CreateEnclave
HeapWalk
BasepFreeAppCompatData
SearchPathW
GetDllDirectoryA
PssFreeSnapshot
K32GetModuleBaseNameW
ApplicationRecoveryFinished
ReadFile
LocalFileTimeToFileTime

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE