NEAS[.]cb4b520d59a04d374afc1a5f0767c080[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.cb4b520d59a04d374afc1a5f0767c080.exe
Size

119KB
MD5

cb4b520d59a04d374afc1a5f0767c080
SHA1

cd6174730c9a4d8c2a3aed3d3271c374acc8fb57
SHA256

f7cc1140c8b2b7eb5036ea36ec8096c1c9e955f8c2674face173db2a8a88bd5e
SHA512

236f223313b8e49384357d544d271a4b54c0c9bad571aee7fa09ee7295367f5ae28c51cc016669d87eb1b04c3c796f5d0fe9dd21a61ba07967f4cc4f3e1d327d
SSDEEP

3072:j5D7OQGX8X0gDuHjKzl2JX/X6ItE2qBRdsIBhAkGUTEA:jBS9X20gk28JvX6VdRdsIb9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.cb4b520d59a04d374afc1a5f0767c080.exe

Files

NEAS.cb4b520d59a04d374afc1a5f0767c080.exe
.exe windows:4 windows x86

2d381109b46ac4c4f4f74c7be48b8c11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenPrivateNamespaceW
GetProcessPriorityBoost
CreateFileMappingNumaA
BaseCheckAppcompatCacheEx
SetSearchPathMode
BaseFormatTimeOut
PrepareTape
UnregisterConsoleIME
BaseWriteErrorElevationRequiredEvent

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE