NEAS[.]e677c95e2b4b7f8a3cbc3177ca77a190[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e677c95e2b4b7f8a3cbc3177ca77a190.exe
Size

119KB
MD5

e677c95e2b4b7f8a3cbc3177ca77a190
SHA1

2c9d0dfe8ea831757aa22d271962ec64b546723c
SHA256

14c21b9021bf8c5fe573124b03d6500b85583db8ef7d6e8a98ddda9886715594
SHA512

11364e4f5266396c3015f0e30bf567d98fe380a09afb9795b7bb336305c31791a059c0a18e97c532f7a2d5a15a342435ee36586e0f8bb0c4c83d479ad2ba90ac
SSDEEP

3072:jSU9GtG4KpfyBK2MVGZFWEHw0UT+La+/XYwsiwYLb:jS+Go4KpfykGbW8w0USJ//2Ub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e677c95e2b4b7f8a3cbc3177ca77a190.exe

Files

NEAS.e677c95e2b4b7f8a3cbc3177ca77a190.exe
.exe windows:4 windows x86

ea96f938c141e9a5928551ab551a5c87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Thread32Next
FindFirstStreamTransactedW
FormatApplicationUserModelId
SetFileAttributesW
QueryInformationJobObject
GlobalAlloc
GetProfileIntW
GetPrivateProfileSectionNamesA
GetDateFormatWWorker
RtlPcToFileHeader

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE