NEAS[.]ba6c8118a699885182bd15dc761db5d0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.ba6c8118a699885182bd15dc761db5d0.exe
Size

119KB
MD5

ba6c8118a699885182bd15dc761db5d0
SHA1

bfd509514f30c81b3db78cdbce28dff0d5f2201d
SHA256

fc9f7fb3a52ce3aed4a606919300e15d049c1232d0e4f2533e97cc342c0aa1ec
SHA512

f1f85f42e403d75745845e0f029f42b365ae1393c92f8d03aee9b86e6af395d81b0fc0ad6f65b5c6d3e2c8c670d83989a9d843d157a51060149a7a618499be61
SSDEEP

3072:9D08qwPt0QBLhB7Y9XFT4YONymZ6MqYzkVh:99NPqA/dLZdqqkD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ba6c8118a699885182bd15dc761db5d0.exe

Files

NEAS.ba6c8118a699885182bd15dc761db5d0.exe
.exe windows:4 windows x86

607fec8405d5a8f7320e988e11296ab7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarDaysInMonth
CreateNamedPipeW
GetLocaleInfoA
SetFirmwareEnvironmentVariableA
GetFileInformationByHandleEx
FreeResource
GetSystemDefaultLocaleName
GetPackageApplicationIds
GetEncryptedFileVersionExt

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE