NEAS[.]d45534d83735181849d290315576c8b0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d45534d83735181849d290315576c8b0.exe
Size

119KB
MD5

d45534d83735181849d290315576c8b0
SHA1

d5eea9d1550280892a9b7722a554587069ecba6a
SHA256

3b95e4fbc56abd2ba5899d4b0351d126847cd6a9b0c2ea56af15e4bff6c0bf87
SHA512

9b9a7c4a76e381d2e563871ca9cf845264e4742365b2b0bb6696e6867b75977def2fb0cef121cc7265d6726bb7302675ac788d46f5dca95b094d5de9a8098914
SSDEEP

3072:7t+WTf01c5CVNWdQW0ykB/2VHrrfs158Itt:Bzf01UVZkB/qEf8O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d45534d83735181849d290315576c8b0.exe

Files

NEAS.d45534d83735181849d290315576c8b0.exe
.exe windows:4 windows x86

bf7a6ea0f703dd7213415cbe4e7e0477

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesEx
LoadEnclaveData
PrivMoveFileIdentityW
VerifyVersionInfoW
GetConsoleAliasesW
InterlockedExchange
LockFile
RemoveDllDirectory
LZInit
ClearCommError
LocalAlloc
lstrcpynW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE