NEAS[.]4a6c807f47634e99428aa88d2115e740[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4a6c807f47634e99428aa88d2115e740.exe
Size

119KB
MD5

4a6c807f47634e99428aa88d2115e740
SHA1

30e6e99e103cad63c132055d8068bcbd9c9a9a51
SHA256

1ff2c9f69a1d94674b193c2059707b8725417fe0ecf1232f087d52ea511f4dd3
SHA512

d3e29f676327f0e92c883fae88ef21ad16bb9bb293415b0ba39bf96bd671e7dbacb454186524fb0961b5aba595570498f72fe405ad01e9cc23834d818da7e557
SSDEEP

3072:4feRE1DvWZ3mOm0qTooS3eNMU4BWUY97GCU7/eT6:9E1DvW9G0qBUeP4BWUY97fe/eT6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4a6c807f47634e99428aa88d2115e740.exe

Files

NEAS.4a6c807f47634e99428aa88d2115e740.exe
.exe windows:4 windows x86

cf5878e9243605719ced9fad884ad71a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
InitAtomTable
DeleteFileA
StartThreadpoolIo
GetCurrentDirectoryA
DnsHostnameToComputerNameW
WriteConsoleInputVDMA
ExpungeConsoleCommandHistoryA
GetCommandLineW
WriteProfileStringA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE