NEAS[.]1228c7721817d76fdb6d8ce3af00c240[.]exe | Triage

Sharing

General

Target

NEAS.1228c7721817d76fdb6d8ce3af00c240.exe
Size

76KB
MD5

1228c7721817d76fdb6d8ce3af00c240
SHA1

3696877066b06161953ce5a60a755357e83e07a1
SHA256

8d379529896aaab69f4c9bf81c7b4fb410f04f45290af3fa8f29f88a61d9a63a
SHA512

fcb6f9e9c631a67904e0689a33b2375402b9284abba9acdfbfc91dd65e60412d8be1031824ad087bb37373ca8e364bee3200911909f0c37f02458781179f82f1
SSDEEP

1536:JxNQINt1Yqxjae+Y6tmzM1ZdK0+kPWg/CZ5z2kyRsU/edhZKz/U85:5QYtRAeUtHbEoPFaZVqR5ekT5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1228c7721817d76fdb6d8ce3af00c240.exe

Files

NEAS.1228c7721817d76fdb6d8ce3af00c240.exe
.exe windows:4 windows x86

4e54e65a1752c57f75c49d4331ff0d30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreateTagsW
WriteConsoleOutputCharacterA
CompareStringW
OpenWaitableTimerW
GetStartupInfoW
SetVolumeLabelW
SwitchToFiber
GetConsoleFontSize
GetProfileIntA
IsDBCSLeadByteEx
GlobalGetAtomNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE