NEAS[.]a49d8d971a9a745b914ddee7fad40e20[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a49d8d971a9a745b914ddee7fad40e20.exe
Size

112KB
MD5

a49d8d971a9a745b914ddee7fad40e20
SHA1

2e2a2d76aac00c6f59be08c75419eb715970262f
SHA256

bb721377e99cbbf34e6ca7551856f3a9a3976a69cc454e826889a0d396a494a6
SHA512

5d89841af228da40cc161cf3d8a322ee20312967c00d521521bb2a04c09604814e6c966ea884d79bc621e6538c796ea2a7fc2913f5fba2843f1588aded087175
SSDEEP

1536:FT+2bj6JjNhEi1zOFqPGDQUfypu6+PjDPyZktS9:02bEhb2qPGDQUf4u6WP/S9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a49d8d971a9a745b914ddee7fad40e20.exe

Files

NEAS.a49d8d971a9a745b914ddee7fad40e20.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 75KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE