NEAS[.]084bffb6709970bdd23f4773da7afd40[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.084bffb6709970bdd23f4773da7afd40.exe
Size

56KB
MD5

084bffb6709970bdd23f4773da7afd40
SHA1

c84c125a32c3394dadd6ef4b093016f846ae152d
SHA256

95257620f6d44d0e836c12d077d0aee5642f34b4490e663b1d86086df74d3b0e
SHA512

87adb7ea26ddf9ad23b284afe5d6e3538342fadb0002177e221285a4fca78d3fae9e48e7121e04542101bc6a9458a17f028eb72cdbd711fd1f64829072fb980d
SSDEEP

768:lXrTD8XqaQ5c0RyN/oQ/EfYlWUvL7oLQMidSDyM8CTbXerSd8+5QHTXgV+O2Iz/z:9D9O/DsfwWUj7oLQMJDbXegzQwMA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.084bffb6709970bdd23f4773da7afd40.exe

Files

NEAS.084bffb6709970bdd23f4773da7afd40.exe
.exe windows:4 windows x86

71879e0ef23ef04fed94f36c633c7090

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
GetFileAttributesExA
SetConsoleActiveScreenBuffer
MapUserPhysicalPagesScatter
TermsrvAppInstallMode
RtlUnwind
DebugBreak
EnumCalendarInfoExA
WriteConsoleOutputCharacterA
FindNextFileW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE