NEAS[.]97ced3705f01e00e8f19cbc975f0d8f0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.97ced3705f01e00e8f19cbc975f0d8f0.exe
Size

119KB
MD5

97ced3705f01e00e8f19cbc975f0d8f0
SHA1

15632aeb0927f3575b5b9b702be8c608b939ef55
SHA256

570f33ca36540cc0e9614c28a61a4f722edfb6579771ef8cd25f7ae64a69fc11
SHA512

749d6e3af20d63d9c554881ca37518e9c745585b9e1bbf2b4b42665cc744b0d26853c0467dea1bb41df3007cb40765f2ea78c1646d8807888a231a30cb78869c
SSDEEP

3072:gdwyDPy/W7EQ6drHjHKLTxs8gUSsLxoBZym/Lsvz8a8r2wlV:gIW8VWBjmsm+LvzV8r2w/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.97ced3705f01e00e8f19cbc975f0d8f0.exe

Files

NEAS.97ced3705f01e00e8f19cbc975f0d8f0.exe
.exe windows:4 windows x86

b76049dbf982865075753d967d9ccb31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SleepConditionVariableCS
BaseGetNamedObjectDirectory
SetThreadGroupAffinity
GetPackageApplicationIds
WriteProfileStringA
GetLocalTime
GetTimeFormatEx
GetAppContainerAce
BaseUpdateAppcompatCacheWorker

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE