NEAS[.]64ef433ae3a9050041a8df26f39bc070[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.64ef433ae3a9050041a8df26f39bc070.exe
Size

119KB
MD5

64ef433ae3a9050041a8df26f39bc070
SHA1

775a7aa32f9e77aecf2f72a001b65253176c46fd
SHA256

b3d7d4b8a6436d23d8c862a8b1d2da8b08e78bcebec94a1cb4c143b8ac534703
SHA512

694c37344791913d1a5627d50e09b2dbbc156e0d9162e6427581a01f3f9f2270282cd4e4e6b67403b6bbbaed47293aee7b815e063e38e81f5c3e6bbacec73dbd
SSDEEP

3072:sjdCEmpdyU4Lb4M24ro3ykhZjmbOCjcZ1Ub:sxrUNM24UCkhZjmbO0cZ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.64ef433ae3a9050041a8df26f39bc070.exe

Files

NEAS.64ef433ae3a9050041a8df26f39bc070.exe
.exe windows:4 windows x86

5151669641316937cac1f22f8659f7a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetProcessPriorityBoost
GetFileAttributesExW
SetThreadInformation
GetDefaultCommConfigW
BaseIsAppcompatInfrastructureDisabled
AppXGetOSMaxVersionTested
BaseInitAppcompatCacheSupport
SystemTimeToFileTime

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE