NEAS[.]338aa66d2aee230d66b6cbc16fc6a930[.]exe | Triage

Sharing

General

Target

NEAS.338aa66d2aee230d66b6cbc16fc6a930.exe
Size

310KB
MD5

338aa66d2aee230d66b6cbc16fc6a930
SHA1

5d4564c50a7c6892dc2562ddcd8af53b44774cd5
SHA256

9c24b2573a43c06b6d325d7bc935ac482db033d6d6662a584642ac40583c5781
SHA512

3c823d57d0dbf64fc7cfa7075ee5ab7e147a0340baed07a803342accd6515824dce8fbd7bb522aed0f95aae4c8cdeaf3ded408ee06c7da0c3eb2ad9ab003c948
SSDEEP

6144:kBOJoU/CDRdMgxOIGJq+v3YCkg/yt6o9Nh:6OJo24RdMgxOIkqD9g/c62L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.338aa66d2aee230d66b6cbc16fc6a930.exe

Files

NEAS.338aa66d2aee230d66b6cbc16fc6a930.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rqvas
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ