NEAS[.]030d66fd8469aaf3b748a4fc2dd98330[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.030d66fd8469aaf3b748a4fc2dd98330.exe
Size

180KB
MD5

030d66fd8469aaf3b748a4fc2dd98330
SHA1

d7885ce620264c2734c25ddb0444ba06ab966c6f
SHA256

7fb20f25f37672bdf2978e12849602c93b9a1655d937df1b75485c4428d2cca7
SHA512

d049df5ddb76b136d925267f6b38a562b1a930d75a15085f44bd029c09c6a41e1fcac1d828a9b9e64508374d39ed70e738cca4790b618170795437621ead9a3b
SSDEEP

3072:eYXZpyiYLQe6hY61eF98KkByjlwToiP7UX+mPo4XyftVserZA5cDF3vGb7hhcv:Xyi5arkyw+uBtOx5pnTc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.030d66fd8469aaf3b748a4fc2dd98330.exe

Files

NEAS.030d66fd8469aaf3b748a4fc2dd98330.exe
.exe windows:4 windows x86

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

Sections

.text
Size: 68KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE