NEAS[.]94eb7db2b96ca0a527309579c8ec8890[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.94eb7db2b96ca0a527309579c8ec8890.exe
Size

119KB
MD5

94eb7db2b96ca0a527309579c8ec8890
SHA1

7d6f5a83e4f4955f032097b8cec4b0af2732c25b
SHA256

2b7cf5e92242aa9e92a8979c2f8dd4ba6364f4052b0a39d25d8d918ddb4dc509
SHA512

47755d24e30ec07d9358a1effbc37539cb343c9432516d328670a014279590d941d199ea025626f56ffff7a176d7f2fadcc8df8006e68683b1d74f0731ef11f3
SSDEEP

3072:y9ozQEYN9sJs6nbaQM4q8SEyhx974BzPdI:y9o9YN9H6zDHydoPC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.94eb7db2b96ca0a527309579c8ec8890.exe

Files

NEAS.94eb7db2b96ca0a527309579c8ec8890.exe
.exe windows:4 windows x86

87e2f6a7395c3ecc63a39806dd7f3560

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarDaysInMonth
IsDBCSLeadByteEx
WerUnregisterExcludedMemoryBlock
GetSystemTime
SetConsoleCursorPosition
WerGetFlags
DisableThreadProfiling
LZSeek
BaseGetNamedObjectDirectory
GetCPInfo

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE