NEAS[.]fe871f8fbdafd8dd71133fbc3ec264e0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.fe871f8fbdafd8dd71133fbc3ec264e0.exe
Size

31KB
MD5

fe871f8fbdafd8dd71133fbc3ec264e0
SHA1

cc25ecf26861a92853d3f6b182d349f64bd0ba58
SHA256

122d37ac5f0786fce8eca15659c0a8277fffd081238c63da9c868ac9263045f6
SHA512

c65578eed3b9df4a95d638089ff7f63d6f8d76883197ef5f8ee16872a26c1e49ad571b5105ad87b597346c4b1fd720408cefaa552168a88dd34492ddd5fd7fda
SSDEEP

768:RPuCWRuY1NN0+spEs9vEbC5/ywAJ8VFQ:RbWR7152BEbuywASF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.fe871f8fbdafd8dd71133fbc3ec264e0.exe

Files

NEAS.fe871f8fbdafd8dd71133fbc3ec264e0.exe
.exe windows:4 windows x86

b66f2358dd28c855cd1bcb856d84a6ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

ntdll

NtSetInformationThread

shell32

SHGetSpecialFolderPathA

Sections

CODE
Size: 24KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE