NEAS[.]0e314bd2e6b6844d1257213be4144eb0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0e314bd2e6b6844d1257213be4144eb0.exe
Size

119KB
MD5

0e314bd2e6b6844d1257213be4144eb0
SHA1

b6ff1449fb2c5ac9d05b754c46a2f43f29031a01
SHA256

d560e9cbbe602db72a9b1a0d1eac87a2fbf26d4a6d92e3c2317fad72c6906654
SHA512

5fee2d30b356181e6ea4cef3a2d6cf21748dfd51c082f3b965b2628ce22e45a713740926b5e12d43fda50263b136ed67022b8c09c515f9bb49dbe36dca1fba21
SSDEEP

3072:A1DOULTyuwzZyVJcu+dwIyRXHpfTq5AsRAgpr48TafR6ls9DdmMnP6IeQI5M3C:AF3SAkNafR6WHPpCe3C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0e314bd2e6b6844d1257213be4144eb0.exe

Files

NEAS.0e314bd2e6b6844d1257213be4144eb0.exe
.exe windows:4 windows x86

dfdf78568a853cc1afaf0edede405ca7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
ScrollConsoleScreenBufferW
OpenThread
CeipIsOptedIn
GetProfileIntW
EnumDateFormatsA
GetBinaryTypeW
EnumSystemLocalesW
BasepGetAppCompatData
WerRegisterExcludedMemoryBlock
K32GetDeviceDriverBaseNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE