NEAS[.]765ff0887d9de85e00374df083f5d0c0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.765ff0887d9de85e00374df083f5d0c0.exe
Size

119KB
MD5

765ff0887d9de85e00374df083f5d0c0
SHA1

7e6297600432e20b141220ee3af87cf6cc31598c
SHA256

b518dcb9f7641ed29a6821dccb50595ad421c7200fe134b4e2e1a303e945b55e
SHA512

893999948b3243390dac1e02021d4e12ed5a2b5ea1d5cf3b80669a5d41b59b2e017708efd9e9c8b4dacc3c34f7b1823dc6f3208cd2276c8417e3aa4c463b1352
SSDEEP

1536:ys2FoireYz1y1aliHbiS3IjFnFQ+gV4jQYB2zHyCyXM+p6VAUtdJxbkDoLeVSnv2:Y31QdiSmhm4jQYQSCkkVxXhk9UnvKr84

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.765ff0887d9de85e00374df083f5d0c0.exe

Files

NEAS.765ff0887d9de85e00374df083f5d0c0.exe
.exe windows:4 windows x86

c59c3f031d3d8fce1f85264197127cc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSizeEx
ReadDirectoryChangesExW
BaseReadAppCompatDataForProcessWorker
CreateHardLinkTransactedA
SetThreadStackGuarantee
WriteTapemark
CreateFileMappingW
EnumSystemLanguageGroupsA
CopyContext

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE