NEAS[.]0360e59b8c02d876bac3a3b96d87a030[.]exe | Triage

Sharing

General

Target

NEAS.0360e59b8c02d876bac3a3b96d87a030.exe
Size

180KB
MD5

0360e59b8c02d876bac3a3b96d87a030
SHA1

268772f90f2a6f0414f1ecd94180f2166884c391
SHA256

a72c10e7a6a6652aea1bca6630776d9c07c7f0204330ad6aeb3d24ba5e7c0930
SHA512

f0b3ee4165e2f7d2ff57a2b0320c85a05060d4d392799821803e46dccaa89ed89dc278f5db6145c3e46d598d44b8de7dd006042f82843f6b9628b65653332241
SSDEEP

3072:qF4/JJuWOXnr2MeR8VJONYZtxZZcZ6wPDFNXfkXxPiuVuNE4vzy05SIwUATW/lN2:eWx0Jq2trwPLPkX0vy0spTuONieZ9Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0360e59b8c02d876bac3a3b96d87a030.exe

Files

NEAS.0360e59b8c02d876bac3a3b96d87a030.exe
.exe windows:4 windows x86

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

Sections

.text
Size: 68KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE