NEAS[.]66997d21c67dc6fa7e151d71832c026f[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.66997d21c67dc6fa7e151d71832c026f.exe
Size

71KB
MD5

66997d21c67dc6fa7e151d71832c026f
SHA1

f9ce5598c1a0a7df616e056b9a8a74a6ba1db0b8
SHA256

64302bf02f3e200b92ac86c5f6d4d1809d7ff76fbc7c6e5fcf07b728638a4d2d
SHA512

0beb66695c32cbc79d1302eab3289381d6109402894fb8a76553340561635a23fd116c19b1d30d7592e0969c327a52469021c37ef0831e8d0c6156943cf66244
SSDEEP

1536:OXsKlrw/F2d49XUW0O6DD1HIeQf4yox3SLVl9t9bcNEsNRQRDbEyRCRRRoR4Rk:OXsKlrwwqL0OEDygZx3Sxl9TbcNEUe9T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.66997d21c67dc6fa7e151d71832c026f.exe

Files

NEAS.66997d21c67dc6fa7e151d71832c026f.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 122KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ajelhf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ