NEAS[.]2407804aeb259b269c3e01bf62042ce0[.]exe | Triage

Sharing

General

Target

NEAS.2407804aeb259b269c3e01bf62042ce0.exe
Size

119KB
MD5

2407804aeb259b269c3e01bf62042ce0
SHA1

5a5e5e93ea87cab16824c2e2592b2297b877d9c9
SHA256

08d9c37aa3dd2fa9ffaaacc25cf53cf1537141b1b06895dad22e0ae78408a83f
SHA512

07723f9f8a6589e48959cc009123db2539aa6ea4ca06914ea08808ab86d24d789de63da9dfd957fd9cf95237afa4f77dd0c4f0deb8e443da8da8e3f6df43b1aa
SSDEEP

3072:ecYETfwyCkvZeDaJWpxntI4ioW8ClFCqW:ecDDCewDg4x0hCT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2407804aeb259b269c3e01bf62042ce0.exe

Files

NEAS.2407804aeb259b269c3e01bf62042ce0.exe
.exe windows:4 windows x86

a1b9d1497f280e3220e8ee9ee49abe7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetTimeZoneInformation
CopyFileExA
GetNumaHighestNodeNumber
IsSystemResumeAutomatic
GetVolumePathNamesForVolumeNameA
LockFileEx
K32InitializeProcessForWsWatch
RequestDeviceWakeup
CloseProfileUserMapping

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE