NEAS[.]00cdbf116522728038f3bf24ccb156e0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.00cdbf116522728038f3bf24ccb156e0.exe
Size

320KB
MD5

00cdbf116522728038f3bf24ccb156e0
SHA1

45e7ef7ddd3f5927286f08c192ba89a0dceac92e
SHA256

f8afccb79ec7b2956f41718b6f91514c46f1082174df6060ec4b6f45408824da
SHA512

c2d805238c6878edf8ae588512f915c0003925b40a9e92af609d98c88d449eed10d44297b4e5a2b6a9d14ddbda0568439dd2a23aec962bd176a4e68bcb1faccc
SSDEEP

6144:vAN4GmCsfaR5H2RfS155ONNXBuWoJBO9OMbHLkAqF7Ief9UmM7/uT:vRCLRx2EB0NxDIBuOFe7/uT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.00cdbf116522728038f3bf24ccb156e0.exe

Files

NEAS.00cdbf116522728038f3bf24ccb156e0.exe
.exe windows:4 windows x86

60f7b13c303f881782afb87ebe440e63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleNlsMode
ConvertThreadToFiber
RegisterWaitForSingleObject
SetStdHandle
HeapUsage
WriteConsoleInputA
SetStdHandle
EraseTape
FreeConsole
GetConsoleTitleA
FoldStringA
GetPrivateProfileSectionW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE