NEAS[.]dfd9a29d0d9329c49077b0577a889b20[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.dfd9a29d0d9329c49077b0577a889b20.exe
Size

109KB
MD5

dfd9a29d0d9329c49077b0577a889b20
SHA1

f8a01b3572e71526bd3d232a3ec7a64029893134
SHA256

1cc89b4670eb6373176905fa9d6b95dba640d371eac9b9aeca01c1c453d3e6c3
SHA512

04b3161b4cf5cc7760aa7c9a2e6a59b129c354d546f7e3fb213c876f62692f6913d5ab8e1209ecd82da4483df3b65352fb8bbd0d919ff06748d125e78de59162
SSDEEP

1536:+IPdoZnqllTXg4wGvBTsV3PlJF7/ziTxFxJYV/RuPVII:+yogw4RvBknF70JYV5kVII

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.dfd9a29d0d9329c49077b0577a889b20.exe

Files

NEAS.dfd9a29d0d9329c49077b0577a889b20.exe
.exe windows:30070 windows x86

7a7803027531302026dedc7b5f6025f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress

Sections

aybzaair
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qqjzbqaj
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qrzqyjaa
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

arizarrr
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ziiirrqy
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE