NEAS[.]88a76eee7b8bc6062c23b61bd12cbd40[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.88a76eee7b8bc6062c23b61bd12cbd40.exe
Size

119KB
MD5

88a76eee7b8bc6062c23b61bd12cbd40
SHA1

4c9fbed3e3ad9c77cc38e8b34d9c187f3b10262d
SHA256

4f2a3df3a318371e52b6b909ac2aaee63692605d1a17f592f9695d681fa5d54e
SHA512

35f967d03e84d28d73e73a5680580843147fcb48621a980b8d887bf16b66ff88af93e6400528511646bb9fc06828c748704caca8cb5f192ca2360bf6f2a04391
SSDEEP

3072:U2/MaZJCOdDrA8Ev384KE3j9lTkfY2Yk1Za5b+:U4MMJCOd4BKE3j7k91Za4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.88a76eee7b8bc6062c23b61bd12cbd40.exe

Files

NEAS.88a76eee7b8bc6062c23b61bd12cbd40.exe
.exe windows:4 windows x86

23b0c446d84c197d20b646595fd6ea14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BasepIsProcessAllowed
ReadFile
CloseState
Wow64EnableWow64FsRedirection
RegNotifyChangeKeyValue
WaitForThreadpoolWorkCallbacks
GetFileMUIInfo
EnumResourceLanguagesA
VirtualProtectEx
GetSystemTimes

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE