NEAS[.]0479da0bf3a8e563a390e01f63436910[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0479da0bf3a8e563a390e01f63436910.exe
Size

180KB
MD5

0479da0bf3a8e563a390e01f63436910
SHA1

26a3a47bf7647a33a934450fbd28aaf269139baa
SHA256

4025627048e123906c94fcedd2f608717452898b63d47968554bcaef8d003ddb
SHA512

b334774c9c7b625eb7e2e6336b56d92c85ac3b8eb6541af6bc06bacbd3be0037814337b0a6ce22008ae749f08f90cca4e55e0f16ab22a5756648960042b06b72
SSDEEP

3072:WswWQzxrLQnxMR+22bbkl/rmRb9PPSgncYFGdQdbC9d17l1Hdraf/1dZZzL4Tzym:KxWEu6rmR5P9nR+gUvRa1WqL4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0479da0bf3a8e563a390e01f63436910.exe

Files

NEAS.0479da0bf3a8e563a390e01f63436910.exe
.exe windows:4 windows x86

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

Sections

.text
Size: 68KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE