NEAS[.]c20a50417041523c621ae526f5949ed0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c20a50417041523c621ae526f5949ed0.exe
Size

44KB
MD5

c20a50417041523c621ae526f5949ed0
SHA1

a23be8554d3e35c15fd327b9b850e7df4dc24530
SHA256

903cf3adac33506078a0471c9eb53d04f8f6d12df0d348ef0eba626d86fcc9fd
SHA512

9fbf8579b4a8f7dcf23eee093c046643f7f28e4c21bad80c194cdb5dfee66cf6b4daa55264c04489c1af94798dbe3bcac86fc657f710323382169f861e7e15d6
SSDEEP

384:ukkHfMx3TUMQkzSSNSz3bXwUYTUURU0vEc7AXYK/ZyRUf8QRfQJLYKp9sXv0KMLu:u4By3rwUYGc7A7/ZyRSAYTUz+T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c20a50417041523c621ae526f5949ed0.exe

Files

NEAS.c20a50417041523c621ae526f5949ed0.exe
.exe windows:5 windows x86

d304ef8e9e8393c0028c6e2332cf21b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostMessageA
DialogBoxParamA
SetScrollInfo
MessageBoxA
SetWindowTextA
EndDialog
GetDlgItem
ScrollWindow
DestroyCursor
CharLowerA
ShowCursor
SendMessageA
DestroyMenu

kernel32

GetProcessHeap
CloseHandle
GetStartupInfoA
CreateDirectoryA
GetVersionExA
ExitProcess

comctl32

InitCommonControlsEx

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ