NEAS[.]e7311e5abda014a46e2abe2f8b214590[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e7311e5abda014a46e2abe2f8b214590.exe
Size

2KB
MD5

e7311e5abda014a46e2abe2f8b214590
SHA1

2dcf13f49b0e562765466664b29d07020a47f25a
SHA256

aea6a3ee49387985608adde4921458565c4ca6b7e8c78284e3d6bf3bcde4615e
SHA512

6f879ad6c65a707a64c2acd3445fb9b98a1b0a358ec6a347d25603ac7eaed29e1d5e6c2bebf2a599fa6ad40b0e204ada353a62ba76e4988e1fe62069145a61c7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e7311e5abda014a46e2abe2f8b214590.exe

Files

NEAS.e7311e5abda014a46e2abe2f8b214590.exe
.dll windows:1 windows x86

c70d5c988ac14352d0d95865cf29425f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
DisableThreadLibraryCalls
GetModuleHandleA
RtlFillMemory
RtlMoveMemory
VirtualProtect

Sections

.code
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 307B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_WRITE