NEAS[.]68064a08c5f9fa97a0ba1dc5c0ace510[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.68064a08c5f9fa97a0ba1dc5c0ace510.exe
Size

119KB
MD5

68064a08c5f9fa97a0ba1dc5c0ace510
SHA1

c1e75fb06cf84b0d8afb37a628b7ca735349e3fe
SHA256

6831632d649fa9d05cbe67e5154880ac12ca20032bdc13a4242a173345c7a046
SHA512

d2fd007baffee2937c516ff12ce67c041d2c278bdb1b1a732d41f2c4d72c54e329ad9777dab1f4b1c7064298fb9c76f7aeb222eeebcd9dae99d22511c8819c0b
SSDEEP

3072:l9mHOe76bKDrQQCkFJ4WhzrFR5VDtHBJlUq/ZFR:lcn3Q/MJhBTVphJKq/ZX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.68064a08c5f9fa97a0ba1dc5c0ace510.exe

Files

NEAS.68064a08c5f9fa97a0ba1dc5c0ace510.exe
.exe windows:4 windows x86

a9be73d0499c53f96c3538364eac8a82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationW
GetProcessAffinityMask
CreateFile2
GetDurationFormatEx
FillConsoleOutputCharacterA
GetThreadPriority
SetCurrentConsoleFontEx
GetConsoleAliasesW
lstrcmpA
WaitForDebugEventEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE