NEAS[.]0388c83bea4437a75fc87fff2d4f1060[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0388c83bea4437a75fc87fff2d4f1060.exe
Size

110KB
MD5

0388c83bea4437a75fc87fff2d4f1060
SHA1

fc16310178be7bda3416c9eafac12cd3d8eca7da
SHA256

e5a80957304157fac7a313a065226363249d5b6d6f63426c85c325f0e1e2625c
SHA512

57c81a9aadc191bae4c9bb187c3dba859d4ec8d707d6cff169a1c5fab109403d98ca3480fc0b68ec57ec9d39c86e632bd88159ad0827596b4d3ef1acfcbc1cb0
SSDEEP

3072:U7a8JBaMvRhQPzz+o5SCsu2oh40kv3VucVEp:+YMvRcL5Fsu6vFu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0388c83bea4437a75fc87fff2d4f1060.exe

Files

NEAS.0388c83bea4437a75fc87fff2d4f1060.exe
.exe windows:4 windows x86

1b8b31fdea849f88f84c4d70c6b21a86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
GetNamedPipeHandleStateA
OutputDebugStringW
EscapeCommFunction
CallNamedPipeW
GetNamedPipeHandleStateA
PulseEvent
CopyFileA
SetConsoleTitleA
GetFileSizeEx
CreateEventA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 41KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE