NEAS[.]f9cd2bd39474a82e9dc7e129c3fe0430[.]exe | Triage

Sharing

General

Target

NEAS.f9cd2bd39474a82e9dc7e129c3fe0430.exe
Size

119KB
MD5

f9cd2bd39474a82e9dc7e129c3fe0430
SHA1

dd0f1873f38d57ee4ab5aeff14a6a7582f785769
SHA256

dff97e6cea0660d0906a86bc588ae85e83f13a4c7271076d0c6dafa536bdabe6
SHA512

e907f9092743043c2b1d940b4284a50c878767a69916ffc69337e170b5ced7b48349deda229de6b63e2f5e1d1c7e895844dc115b8b84a7e999a5b3d3e47ad9fb
SSDEEP

3072:LyaZKImlXqdnyUBUweCRlLpeTPMKvpf+Tc+PUmWYZcMBE:LyyAV6nyUBUweIlL0gKv1YbXBE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f9cd2bd39474a82e9dc7e129c3fe0430.exe

Files

NEAS.f9cd2bd39474a82e9dc7e129c3fe0430.exe
.exe windows:4 windows x86

3ea60d1bca65548f638d5fc018563719

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetActiveProcessorCount
IdnToNameprepUnicode
PostQueuedCompletionStatus
GetCommMask
GetThreadPriority
ReleaseActCtxWorker
PssFreeSnapshot
Thread32Next
GetFileAttributesA
SetComputerNameExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE