NEAS[.]80280716c8688991b27b6344dc4938b0[.]exe | Triage

Sharing

General

Target

NEAS.80280716c8688991b27b6344dc4938b0.exe
Size

119KB
MD5

80280716c8688991b27b6344dc4938b0
SHA1

b26beff94955497b67f0d128db510075ac5fe1b2
SHA256

1415ba5b4bda88468f610034508b652d3d0923b366ad74544ec09bd0ea0ee326
SHA512

30307938ffe4507addd3894fbf115413ae6311cf26ef71cc6ed7e89fb3bf6717f3b9346b43a586269a3eeef77398089b707c40cb697899782d26b0b9039aa721
SSDEEP

3072:YreXrQlq3jbBaoHwcTlHKolW9ZPSrTcaB9u7vT89SNdplYP:z/HPlVW9Z4IT89SNE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.80280716c8688991b27b6344dc4938b0.exe

Files

NEAS.80280716c8688991b27b6344dc4938b0.exe
.exe windows:4 windows x86

c5e0dfec7c064469cb17677129a941da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumaProcessorNodeEx
GetPrivateProfileSectionNamesW
PssWalkMarkerSetPosition
WerGetFlagsWorker
SetCommTimeouts
SetConsolePalette
GetProcessVersion
GlobalGetAtomNameA
CmdBatNotification
ReleaseSRWLockShared

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE