NEAS[.]1bdde0fc6cb9b42715b0ea6706a3e8b1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1bdde0fc6cb9b42715b0ea6706a3e8b1.exe
Size

107KB
MD5

1bdde0fc6cb9b42715b0ea6706a3e8b1
SHA1

3231a26247c0896eccf24fc0fe44278c844b95f7
SHA256

27ee1c15321d0524d6f600a70fa85e1429005aa99f4aa6f068fe5cea12de6d55
SHA512

2984faa9f54cb761be4dde619e14873a96da642d463817ca5f964d7db08424c915c3bb2b905d895f20b02b462679abe1dd6f11a372ed12d953039a81fbb9e54b
SSDEEP

3072:kKHiNpkwxpwZpIOfXnjvrrBndVC+PVxm7:kwiNeaaKAXjvv9LDxm7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1bdde0fc6cb9b42715b0ea6706a3e8b1.exe

Files

NEAS.1bdde0fc6cb9b42715b0ea6706a3e8b1.exe
.exe windows:4 windows x86

5f022f37344604ae0418de4700b3fe44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
SetEvent
SetLastError
RemoveDirectoryA
DeleteFileA
OpenEventW
GetStartupInfoA
OpenProcess
GetEnvironmentVariableW
GetModuleHandleA
WriteConsoleA
SetConsoleCP
VirtualAllocEx
GetCommandLineW
HeapSize
CreateFileA
ExitProcess
ResetEvent
ReleaseMutex
ClearCommBreak
GetTickCount

user32

GetDC
PeekMessageA
DispatchMessageW
GetCaretPos
GetSysColor
GetDC
CallWindowProcW
DispatchMessageW
FindWindowA
GetKeyState
GetWindowLongA
GetCursorInfo
GetClassInfoA

linkinfo

CreateLinkInfoA
CreateLinkInfoA
CreateLinkInfoA
CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

upreryh
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE