NEAS[.]12583ba579eb359b1a67060508a02540[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.12583ba579eb359b1a67060508a02540.exe
Size

66KB
MD5

12583ba579eb359b1a67060508a02540
SHA1

a310e3cd7a218e8da631366f4bdbc0f8ebe330c6
SHA256

ac5fda07145b03aeafed989dfdd3d5799a9dc26e617052826c21b896552584a8
SHA512

b27b907f7663f70d0bc2b27cd2a2cae4025070ddb8360df1a660c57188ac912c1e01bc66ed4b57f675457069db7827059d4b28c8673245ba55942a38afbfb596
SSDEEP

1536:764ChHHD2FAmZwTz2K52unu8cCzG5xUdLL6u:2rhOAmZczIuBcCz4xqn6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.12583ba579eb359b1a67060508a02540.exe

Files

NEAS.12583ba579eb359b1a67060508a02540.exe
.exe windows:4 windows x86

f21a36ae3e0a95ffad94b9514916d743

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteTapemark
FreeLibraryAndExitThread
EnumResourceNamesW
CreateProcessInternalW
PrivMoveFileIdentityW
lstrcmpiW
GetGeoInfoA
GlobalAddAtomA
SetConsoleCtrlHandler
QueryPerformanceFrequency
SetThreadPriority

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE