NEAS[.]1939e522a3061d3e91cf35c604e69d60[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1939e522a3061d3e91cf35c604e69d60.exe
Size

119KB
MD5

1939e522a3061d3e91cf35c604e69d60
SHA1

b357c61dd36c0d42190ff2ead24eab467a8dea0a
SHA256

559e8f033087fa51b4adb2bc54ccbc18bb3a141652dfd50d231f9356b70d1c32
SHA512

e9e3f8e5e9a5b0b3f8bde8fe629a47a7bf4a2f70f883e8117dc8b942bb5a59f130a1830286a29f8ce119c95c1af0b04a953a6e7cab2506b03be865e75fabb9c3
SSDEEP

3072:pB0LEDTLutAq5cmmSDGjgaT30kbAxsb+zrsQFRz69K6SwwV9d:/5QcmmSDzm/whzYLu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1939e522a3061d3e91cf35c604e69d60.exe

Files

NEAS.1939e522a3061d3e91cf35c604e69d60.exe
.exe windows:4 windows x86

3343753eaf7d8ceaaa445f7eda90eed3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetIoRateControlInformationJobObject
LocalFree
K32GetModuleFileNameExA
ExitVDM
SetDefaultCommConfigW
LoadPackagedLibrary
GetStringTypeExW
CompareStringW
WaitNamedPipeW
GetVolumeInformationW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE