NEAS[.]f6ca846150e294b34117ba424f2b8d60[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.f6ca846150e294b34117ba424f2b8d60.exe
Size

35KB
MD5

f6ca846150e294b34117ba424f2b8d60
SHA1

90bd64b038c35a0b43e633e35c62e3c1f05ae28e
SHA256

3b96d0c051ad0debf96095a4b7dc8fa67a0dd71d629d986489ec5ab8250e3d80
SHA512

f52013fc97812b7470869905d2a85e676e05ed8d1c3e75b6bfeb1db6c8c5001a39d95ab5677e1c750aaccad0990852fd785cddc244d61f118bfd3a38650788c4
SSDEEP

384:QD1fVPSGoWMk/gaVUP7+/3DCfrWA7vvxlLg94calJJjjjCDAAAAA87bq/m7aI5E8:QJfAAJ4+/32frh7D7JjjiH7Xpu16OI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f6ca846150e294b34117ba424f2b8d60.exe

Files

NEAS.f6ca846150e294b34117ba424f2b8d60.exe
.exe windows:5 windows x86

e726c718a89a1f25575c3907b716c08d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

ole32

OleInitialize

oleaut32

SysAllocStringLen

Sections

.MPRESS1
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE