NEAS[.]851c083ab53db39bc2daa8f1b8187bc0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.851c083ab53db39bc2daa8f1b8187bc0.exe
Size

119KB
MD5

851c083ab53db39bc2daa8f1b8187bc0
SHA1

49fa9c866a36273be9f090db92bc9b6e4c80b0f2
SHA256

70dfb99419bbbd8ca6b63798407087033099e08083d214d4cf152149893731ed
SHA512

e05e1eab1ff7de873de580310b08a57dadc7e2057eeadb9773e3a35183b652c7c471594467e32bb7e3315aadc57dd2ac18c2efe4f5c8dc3a166cebaeb9d5d700
SSDEEP

3072:dbERYn6tkvOzBO3bNeovwiBm+Fv0sw7Awr5Ik4A7UEoEWjO:dbIk8B0NewxBm+WFr5CA7U4W6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.851c083ab53db39bc2daa8f1b8187bc0.exe

Files

NEAS.851c083ab53db39bc2daa8f1b8187bc0.exe
.exe windows:4 windows x86

f458321ef50d283d9029cfc06899c99d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
GlobalFree
GetVolumePathNameA
GetCurrentConsoleFontEx
SetConsoleWindowInfo
Wow64GetThreadSelectorEntry
UpdateResourceA
GetPrivateProfileStructA
DuplicateConsoleHandle
CopyFileTransactedW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE