NEAS[.]e70d78a25f3a25fb7788d2620661da10[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e70d78a25f3a25fb7788d2620661da10.exe
Size

119KB
MD5

e70d78a25f3a25fb7788d2620661da10
SHA1

66073a06526ce8a968c5f0bd65ee89fa5a8ea3ac
SHA256

94f6165b8a11dbcb78127a62e5796936de3cf04ba9b8c84403027a0787171761
SHA512

126a37dd1f9b7d0ab1ba3fc12f4b6b2ed80c79cb16815d344d0dea1e280b335b47fe9d94fa43dd4488cb7401bcb21159bcde73277a6c94fa070d6c310b7115c5
SSDEEP

3072:/wV1UmwcWz7JgEUA98Q64QMPrDzz9o+KFI8:/Hdt3JgDlQ6yr+bFv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e70d78a25f3a25fb7788d2620661da10.exe

Files

NEAS.e70d78a25f3a25fb7788d2620661da10.exe
.exe windows:4 windows x86

31dcbc6e1abb73f7ed82de6ddb1f7cca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNamesForVolumeNameA
BasepCheckAppCompat
GetFileSize
LockResource
SetVolumeLabelA
Wow64GetThreadSelectorEntry
SetHandleInformation
GetDateFormatWWorker
HeapCreate
InitializeConditionVariable

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE