NEAS[.]5b379a568f6f596658659a3f0ca32ca0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5b379a568f6f596658659a3f0ca32ca0.exe
Size

1.4MB
MD5

5b379a568f6f596658659a3f0ca32ca0
SHA1

9133555c4a9c276f87ad5cd99fdf2ebffdfd15d5
SHA256

ad2dce8b9ba197a9aec98d81df7b792072c2f69e872d0e50a0afc439ce3759c9
SHA512

a871c116dd0338cbeeb072d2a43944cdf907dc47fcfea5091146d5693900478c0d638a73ef6d0231c0da4d55a41b6794c94a92525d3892c708a9e806882d2bae
SSDEEP

24576:ZFo8BL6+BlaBlH/ZRuOAapicY9ryT9XG92sdmC/EXL+QXppXw6t:nQBZAZ6tY0TAJEXLPXppXX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.5b379a568f6f596658659a3f0ca32ca0.exe

Files

NEAS.5b379a568f6f596658659a3f0ca32ca0.exe
.exe windows:5 windows x86

82934e4965220da637b2d21a8de843f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32 kernel32

WriteFile �b

Sections

.text
Size: 340KB - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xiaoxiao
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xiaoxiao
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xiaoxiao
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xiaoxiao
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ