NEAS[.]14c50e1a80bcbe2d9f07d95d8476d670[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.14c50e1a80bcbe2d9f07d95d8476d670.exe
Size

62KB
MD5

14c50e1a80bcbe2d9f07d95d8476d670
SHA1

c7eeb7935fa5396f55d3e3b1c42dd46b647045dc
SHA256

6cd4f08a0fb456d49fef38442ef286c2d8f0cfec6d8f7e3207c4adbaa6c5764f
SHA512

8fa883b22f4eebd8592e275d8b8289f9be0a3801e5c8c566e0f2594ad09731308e08498394cb6c45728713b97097c350e131a136e6abfec352da7a5816051885
SSDEEP

1536:Ny/hADhpEUDvPyag3nv8Lnq4DeFZDTBSziWihRKssR:93EuSjnv8LqZFTSuW0PA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.14c50e1a80bcbe2d9f07d95d8476d670.exe

Files

NEAS.14c50e1a80bcbe2d9f07d95d8476d670.exe
.exe windows:4 windows x86

0b2b1ed0a771af65db3a97e6416ac267

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerLanguageNameW
GetPrivateProfileStringA
GetVolumeNameForVolumeMountPointW
CreateEventW
CreateFileW
QueryInformationJobObject
LZInit
GetComputerNameA
RequestDeviceWakeup
CompareStringW
VerLanguageNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE