NEAS[.]b37b7a13b81bb76832305463a3dcde60[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b37b7a13b81bb76832305463a3dcde60.exe
Size

119KB
MD5

b37b7a13b81bb76832305463a3dcde60
SHA1

eb463e9b7d253239c67644622fd8efa9c7b6cbc3
SHA256

6b687f6da31eab4ecd6507a795ae1e1504b32b496ba0fd235049987daaf04c0d
SHA512

9b8d85e1fae5e1f544b5a59cd2301aeb36b169b815a27017bae60771b8a3069104461f32f99a6e4d462373b633256ab267b6c12f3918085a4c08bdb68ba9f432
SSDEEP

3072:7f7WmaPM1AkSWxRoyuqk9VtAcZtitV4SCFDIh81ilmuB6gRlk:7aSbSWxRKD9VZetKBFDc81ilmuvk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b37b7a13b81bb76832305463a3dcde60.exe

Files

NEAS.b37b7a13b81bb76832305463a3dcde60.exe
.exe windows:4 windows x86

4a43a1cd677bf21ab487e03628ab387c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalSize
BaseDestroyVDMEnvironment
SetThreadpoolThreadMinimum
DisableThreadProfiling
GetCurrentActCtxWorker
OpenEventA
BaseFormatObjectAttributes
SetDynamicTimeZoneInformation
SetProcessShutdownParameters

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE