NEAS[.]05b460fa8535f0d6814d49f24fc18880[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.05b460fa8535f0d6814d49f24fc18880.exe
Size

16KB
MD5

05b460fa8535f0d6814d49f24fc18880
SHA1

8ef4c45b219bf3ac22825d057cdd10ed895eba66
SHA256

ed4396c6bf01cde8b0ec8a085fdc586ebf7d76f1e6970a89a7375abb2928ed08
SHA512

cccfd6ae6906470f95a667a8a23d6d5ef61162f25c93c0bacc578e2e70e110cb8ce7343530514fbe946e59c60c857af42e33869c7cbeab1289f63a9be34af484
SSDEEP

192:uDLsZ2UVVWHR5Be64wHbLE4VAIgi3TAnVawz5ChRQNy6NYmCOJ1oZCW7azwE:uDLGzORm64WnE4CLi3TAVjiQJ6mBky/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.05b460fa8535f0d6814d49f24fc18880.exe

Files

NEAS.05b460fa8535f0d6814d49f24fc18880.exe
.exe windows:5 windows x86

df31de49f0d6f3fff99a4cd1547d55a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineW
GetModuleHandleW
GetSystemPowerStatus
LoadLibraryW

user32

GetSystemMetrics
CharLowerW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 114B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ