NEAS[.]9dac408ad22aa8a8320b7b2af4e48330[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9dac408ad22aa8a8320b7b2af4e48330.exe
Size

119KB
MD5

9dac408ad22aa8a8320b7b2af4e48330
SHA1

e5bdc07d272b7193b7aebbbdb7b0eddd7b9c0b9e
SHA256

7ad37ae7a2ab8709280a7b3bb821644e3d68344e1d4fe62f2773ad052767913d
SHA512

754cb7766f882f204743cfc188357e770d4fd168137f795524ae38bcebb93b1ab162e50cf7d7fb8b775934ac21c4be0ee77a672d5a916bac98261bd96c3b6d13
SSDEEP

3072:97O8TQtmlWw/7tQSDhyDVPMfZNotS1um2x2rRaBJcMfEMr:ZO8zWwTJhKkffT1X2MrABTvr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9dac408ad22aa8a8320b7b2af4e48330.exe

Files

NEAS.9dac408ad22aa8a8320b7b2af4e48330.exe
.exe windows:4 windows x86

15263b4664e4785aa99edd46fa7b1ab1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasW
GetCompressedFileSizeTransactedW
HeapSetInformation
PrepareTape
ReleaseSRWLockExclusive
QueryThreadProfiling
InterlockedExchangeAdd
BasepFreeAppCompatData
RtlFillMemory
SetThreadContext

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE