NEAS[.]bca30e5c6f5c79701ac2fefa1f144ff0[.]exe | Triage

Sharing

General

Target

NEAS.bca30e5c6f5c79701ac2fefa1f144ff0.exe
Size

119KB
MD5

bca30e5c6f5c79701ac2fefa1f144ff0
SHA1

e0ea11c0535a7990778596aba10946805e30ecc2
SHA256

a590ae3825cb5c8a61a4433bc8d8d7ec0b12851baf0a3787e4227c786298e550
SHA512

c341af8ef8b56c1e7eb82139a3cc3173125d670247d8b9a2ba6c37d351cd8f5b8028e8c8b6dbe67af718d44615d97bdae2b9697e8a4d489937c90714038846cd
SSDEEP

3072:oqDdsvXjSRMdtUQCajAmV5l1unkSJ1GG0F7kRV:olXjmMdtJCajHVtuk+90F7+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.bca30e5c6f5c79701ac2fefa1f144ff0.exe

Files

NEAS.bca30e5c6f5c79701ac2fefa1f144ff0.exe
.exe windows:4 windows x86

06cfaa67ba1728ff562a47ae585862b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetHandleInformation
Module32FirstW
PrivCopyFileExW
GetCPInfo
RegLoadMUIStringW
GetXStateFeaturesMask
lstrcat
GetDefaultCommConfigA
DefineDosDeviceW
RtlUnwind
CreateBoundaryDescriptorA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE