NEAS[.]141087fdfc9c34f24201defd645ff7e0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.141087fdfc9c34f24201defd645ff7e0.exe
Size

56KB
MD5

141087fdfc9c34f24201defd645ff7e0
SHA1

57f891f019e34ce8d92e46c3bca385fd93d11393
SHA256

012c8eb7ecc68a73519f4c0c26d9512bc4e23fbd2fabe989268bc928f949f421
SHA512

7795024c1681fca077e998acc252ae530282f58d56187107e7ef1be02c4c13d367ed2164b02b0b8896014c71b13bc3a058c1a91810a77f004b8247e406011af5
SSDEEP

1536:A1KOp54dyBGC6LzlPN+EdMJlJOWKnXLjjmoEES:A1954d0GCchP+wTz7S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.141087fdfc9c34f24201defd645ff7e0.exe

Files

NEAS.141087fdfc9c34f24201defd645ff7e0.exe
.exe windows:4 windows x86

81d1149935e3abf04930aa310e125206

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputW
BaseInitAppcompatCache
GetHandleInformation
GetFileInformationByHandle
lstrlenW
OpenThread
MoveFileExW
TlsAlloc
OpenSemaphoreW
RegisterWaitForSingleObjectEx
SetEnvironmentVariableA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE