NEAS[.]0904743117919f36bc4d7d3c250f74d0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0904743117919f36bc4d7d3c250f74d0.exe
Size

119KB
MD5

0904743117919f36bc4d7d3c250f74d0
SHA1

59e37478e9da9205142c0532befd729bba8e8b79
SHA256

1ff21e06ba86d3b20cd10ee811b985b88e35ce7db2cdea05700a4a1260931a3f
SHA512

734a934349853e9e9dd7674c52b09a86f10844135b71ddda5455358c4aaa3bac0e5eaae3619de087a8aceab20870eb0e76292952a0aea778ab6d55ae60dc800e
SSDEEP

1536:MED/y+HN925AUk0HgvT+0+T5VSVYxJa8/ZrkuuG8MT252V76NaYx+jGyx9iUVBhQ:dzTN+AUk0AiFnKoJZZkaA4fEuU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0904743117919f36bc4d7d3c250f74d0.exe

Files

NEAS.0904743117919f36bc4d7d3c250f74d0.exe
.exe windows:4 windows x86

3cec87ad1ae9dfd572337e8f6ad8ea21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPackageInfo
SetProtectedPolicy
ReleaseActCtx
VerSetConditionMask
SortCloseHandle
K32GetProcessMemoryInfo
UnregisterWait
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionNamesW
SetDefaultCommConfigA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE