NEAS[.]d3eb98213274551f74738479864915e0[.]exe | Triage

Sharing

General

Target

NEAS.d3eb98213274551f74738479864915e0.exe
Size

119KB
MD5

d3eb98213274551f74738479864915e0
SHA1

3dc95038f558c5c5e3cc1b09e73e63bd26e16b19
SHA256

98f74c7a34f8437b03d5043ade8d2ef422c45cbd6864dad5778dfcc94760fab7
SHA512

dad0f9ef8a7a4afc76917ee46a19dc4fa68439b868881727452303e19c3f95f99f8019819a8e20475d0c9480869776eb7820aebf2899ff7be7d50d6c1c280041
SSDEEP

3072:GtwgYJ6IS9wu3uDrsge6etpZxpvI4dZ+r+pukf06N:bpSForUpgSgEcg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d3eb98213274551f74738479864915e0.exe

Files

NEAS.d3eb98213274551f74738479864915e0.exe
.exe windows:4 windows x86

b9254cb5de3e20dcf81e5c4b6db8463f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BasepGetExeArchType
GetBinaryType
FindClose
GetProfileIntW
MoveFileA
GetNamedPipeClientSessionId
EnumSystemLocalesEx
GetAppContainerAce
OpenEventW
GetTimeZoneInformation
TryAcquireSRWLockExclusive

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE