NEAS[.]2f14b1baa7f599e0ef419c960c0d2080[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2f14b1baa7f599e0ef419c960c0d2080.exe
Size

119KB
MD5

2f14b1baa7f599e0ef419c960c0d2080
SHA1

63179a7f5d3a93bba85fc82ae3c6d69d8555a1d8
SHA256

aeb80f9023ed1796adf588b411e00908ad353c0a9ed0c32e3b0c7f268bb29206
SHA512

cc8ee7659c95e3cee228036277a4260fcfc0396eb33b846b0485edfcde457626149fac7c432565c2f5518eb228abf8d2add5da87d6cf6a35138a5bf969eda96b
SSDEEP

3072:T8eZST0Db6Dti5iBC5/YYiqlDm/lhaWvfu:TNQTIbSDQalhaWv2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2f14b1baa7f599e0ef419c960c0d2080.exe

Files

NEAS.2f14b1baa7f599e0ef419c960c0d2080.exe
.exe windows:4 windows x86

558bf7dc0cbd40ae6d83fc851d04f9c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OOBEComplete
QueryFullProcessImageNameA
GetSystemDefaultLangID
FreeMemoryJobObject
GetSystemTime
LCMapStringA
IsWow64Process2
GetCurrencyFormatW
GetLongPathNameA
SetProcessMitigationPolicy

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE