NEAS[.]afdbf920fcccd6c0a45249493d8084e0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.afdbf920fcccd6c0a45249493d8084e0.exe
Size

119KB
MD5

afdbf920fcccd6c0a45249493d8084e0
SHA1

9ffe7cd8e96e7398711ab441514d8c61c72f29d8
SHA256

6881230393ec250232ce741e28b23decd5606b8ac9e4c4d4129c327364575107
SHA512

656974dbc0cdbc5bcc4bc7095628025e34ba0297b7988def9dc6db33d4a05e2d924211b65824f2b4763845d0295fb7ba9ca556167e4005b1747cf76252799d82
SSDEEP

3072:0nwTCW/tNhzsf4whY5fg/LU7uzcsHo9AHtmMblqH0kT:MwTjVNhzUXY5sI7uzDIIzlrm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.afdbf920fcccd6c0a45249493d8084e0.exe

Files

NEAS.afdbf920fcccd6c0a45249493d8084e0.exe
.exe windows:4 windows x86

8b83e2c9fb6941562e768d88f895082c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

K32GetProcessImageFileNameA
SetDefaultDllDirectories
CreateFiber
LeaveCriticalSection
GetBinaryType
GetSystemTimeAdjustment
BaseInitAppcompatCacheSupport
MultiByteToWideChar
GetConsoleAliasesLengthW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE