NEAS[.]80650c73459f3eceb6f2703976183a10[.]exe | Triage

Sharing

General

Target

NEAS.80650c73459f3eceb6f2703976183a10.exe
Size

119KB
MD5

80650c73459f3eceb6f2703976183a10
SHA1

cd0337a9ad4b96b2b935c495ea96ea2e2c0dc89c
SHA256

43876d8f7755ac1fb6303aee929a55b832c263f50f3837055e20a8736734d2e7
SHA512

a58f5596a737cac3e6cbd8d67fd8f4b1d7d7409874d96da44bc6a3288b21dfa4c03209557073fd0f25432e33f4d67990878fcee4c8166ac0c185a5ca34883fc9
SSDEEP

3072:EgBUKiaJv3JuTUuk4z3do6PzPUQVMoLs6KMcXhNbog:EwiaJv30c4z3dodQ46ChNog

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.80650c73459f3eceb6f2703976183a10.exe

Files

NEAS.80650c73459f3eceb6f2703976183a10.exe
.exe windows:4 windows x86

589906aeb9ac629997297d7b87deb2f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibraryAndExitThread
ParseApplicationUserModelId
BasepGetComputerNameFromNtPath
GetConsoleAliasesLengthW
FindFirstFileTransactedA
GetProcessDEPPolicy
NlsEventDataDescCreate
LZCreateFileW
Heap32First

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE