NEAS[.]a76153ee81a70852cea134cee9cb4c70[.]exe | Triage

Sharing

General

Target

NEAS.a76153ee81a70852cea134cee9cb4c70.exe
Size

119KB
MD5

a76153ee81a70852cea134cee9cb4c70
SHA1

dd27974187d59882f5696d11257617e1bf4b66f2
SHA256

aa4a70d7828b3e9cac021aa1c1107163095fd4a0539f201a60b4418687534e4d
SHA512

813182dc8eff54c4a4c7ad678bdc7f63e9f298e18929f8f560bb35bb7f8e981f60aab6cd91563eb991986ee3f134dcc33f9e680d0ce2098a51e6ffad4996b1af
SSDEEP

3072:Bx+LaLtiHCotoozPhskq5fKOAEYt0pT6oMZ:rSHWozSZFFAEhT6o6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a76153ee81a70852cea134cee9cb4c70.exe

Files

NEAS.a76153ee81a70852cea134cee9cb4c70.exe
.exe windows:4 windows x86

eac81ede405888695b7271c1504618aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IdnToUnicode
GetThreadDescription
IsProcessInJob
PssWalkMarkerGetPosition
CreatePrivateNamespaceW
QueryActCtxSettingsW
ResolveDelayLoadedAPI
GetCalendarWeekNumber
AppPolicyGetLifecycleManagement
GetUILanguageInfo

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE