NEAS[.]75c2b106bd9edcc07825dcb1a87abf30[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.75c2b106bd9edcc07825dcb1a87abf30.exe
Size

145KB
MD5

75c2b106bd9edcc07825dcb1a87abf30
SHA1

7e46572207e80bf8956814c877d27b4c45472589
SHA256

4713e3d9382a3160957645348536f0df619cf60c77a25249e918532367e18edf
SHA512

141cbd1e2402b2d329969b03c7874d055c19d19e3f49237a3152c124b100d8fdd12781c0d8825980fe515f95ef5913f013d39ab088ee2beeaace5b7fdbb10cd6
SSDEEP

3072:PyRbZVCK4XXCd6yLAKj8ENKwdt84vX0TpdMy3WLxVw7:P8LCK4HrwVkW84odMyGLvw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.75c2b106bd9edcc07825dcb1a87abf30.exe

Files

NEAS.75c2b106bd9edcc07825dcb1a87abf30.exe
.exe windows:4 windows x86

9bd941641ff92f5a457030e9826698b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineA
GetCommandLineW
GetModuleHandleA
GetStartupInfoA
GetVersion
HeapAlloc
LoadLibraryA
lstrcpyA

user32

CreateWindowExA
DefWindowProcA
DispatchMessageA
GetMessageA
LoadCursorA
PostQuitMessage
RegisterClassA
ShowWindow
TranslateMessage

Sections

.flat
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ