NEAS[.]65cc631f9e5c361a84caa145faf982a0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.65cc631f9e5c361a84caa145faf982a0.exe
Size

119KB
MD5

65cc631f9e5c361a84caa145faf982a0
SHA1

276ff65bbd778a195d90affa21f2c9b6743b9260
SHA256

b29bda020662f94ac4d9080c766945ae5fd8bc0b52ab8bb4e664504cc5a46d6a
SHA512

79526e6dafc7074731bb6870fd371f9d619b5b328895b0cf62140f26e67e2569ff860483c281845bfcb097075e61390450eb5ed2a00d7e05ee11536f65985707
SSDEEP

3072:k++E2TD46qoqTy4MJ644PPRJc0jreP+DpFRlU66xpa:YXq+4MJ6fRJGUFRox0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.65cc631f9e5c361a84caa145faf982a0.exe

Files

NEAS.65cc631f9e5c361a84caa145faf982a0.exe
.exe windows:4 windows x86

72ee8a9b58d25d83a59bc8f73df8d9c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLongPathNameTransactedW
PeekConsoleInputW
GetCurrentConsoleFont
BasepCheckWebBladeHashes
InitializeCriticalSection
FindResourceA
RegLoadKeyA
IsProcessInJob
K32GetMappedFileNameW
EnumCalendarInfoExEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE