NEAS[.]ee0ed385df787f3fd2603817d757eae0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.ee0ed385df787f3fd2603817d757eae0.exe
Size

18KB
MD5

ee0ed385df787f3fd2603817d757eae0
SHA1

d5dbd210d7ace6f29e53b79a321b300bcd3098e9
SHA256

253b4cddb1e74c372222fbaad1adc230adce6ed7eeaf9182c551bf5028421c59
SHA512

ef921b972739e8f734f0cab4a55eef4a66f03799430dc6578fb988d783bbc3d3d802e7a9e0984e8b2c3aa369976fdae8f7e5532c25f0e68e7795e37776459439
SSDEEP

192:6Z/h/XnCecxfpuba/dPjppFDZYp7343DfsaftI5uTh8ZMf24oH7s61NoN/sa:y/hPwRca/jpFt7D0B8njFt0a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ee0ed385df787f3fd2603817d757eae0.exe

Files

NEAS.ee0ed385df787f3fd2603817d757eae0.exe
.exe windows:4 windows x86

39ec0d3c6ac56e20e2ecd800d7cc4361

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
VirtualProtect
GetTickCount
LoadLibraryExA
SetConsoleCP
InterlockedExchange
WaitForSingleObject
WaitForMultipleObjects
GetModuleHandleA
GetAtomNameA
GlobalUnlock
HeapReAlloc
GetCommandLineA
GetConsoleCP
GetSystemDefaultLangID
GetVersion
CompareFileTime
SuspendThread
lstrlenA
GetStdHandle
CloseHandle

user32

DestroyMenu
DragObject
GetKeyboardLayout
SetWindowPos
InsertMenuA
SetPropA
FindWindowA
DragDetect
DialogBoxParamA
GetCursorInfo
CreateIcon
GetKeyState
DispatchMessageA
DrawCaption
InvertRect
IsDialogMessage
GetDlgItem
FillRect
SetScrollInfo
CreateMenu

winmm

OpenDriver
PlaySoundA
auxSetVolume
auxGetVolume
CloseDriver

version

VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ