NEAS[.]9f3138660eec6d31b75fa7c5f9336370[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9f3138660eec6d31b75fa7c5f9336370.exe
Size

119KB
MD5

9f3138660eec6d31b75fa7c5f9336370
SHA1

88dfb95d036d30f4134f4e4e73d9b5370794ac77
SHA256

0e664b654ab2d019b43f93e470d71a6e070ed39e82b9e3929e8b101bfd0312f7
SHA512

600482614bbd49f8aae3291a14fbb17ad43d283b286e4e72754548729f730a459c284564b54dc29f867ea25dc8826d42b0fd43eb612f7f02887c16949598b9cd
SSDEEP

3072:glyC4xGoiv3kh0TGPzeAkXbT74QV395Mo8Fm/K:YyC4xGoi6cGbeAkXb4cEFUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9f3138660eec6d31b75fa7c5f9336370.exe

Files

NEAS.9f3138660eec6d31b75fa7c5f9336370.exe
.exe windows:4 windows x86

aeb7b383fa0894e09b6a136cd6145b63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentPackageFullName
GetNamedPipeHandleStateW
GetCurrentThreadStackLimits
GetConsoleAliasesW
RegisterBadMemoryNotification
RequestDeviceWakeup
SetProcessAffinityMask
PurgeComm
WerpNotifyUseStringResourceWorker

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE