NEAS[.]9ee75d8b1623dc651681b3dee0ff7a30[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9ee75d8b1623dc651681b3dee0ff7a30.exe
Size

119KB
MD5

9ee75d8b1623dc651681b3dee0ff7a30
SHA1

60e0e69845be12d818eb750fc0ee337d7e40c866
SHA256

ba88d99577aeb411aa4042b29823624aa29cf5ef30df026e246b24d5dcc89fd4
SHA512

869c409a024fb039d8a9c08f27c0c63cbb557b4b783d3b2e6e64774710ef063accabfcabcf49b1d821abf7edbc22c0f81fc6de8a89c59d443d317d005142e7e8
SSDEEP

3072:NeNHYG+ZBtsM2KXlfITZuqGgdu2FLk1wE+c:wNXKVf2zGqVlUwbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9ee75d8b1623dc651681b3dee0ff7a30.exe

Files

NEAS.9ee75d8b1623dc651681b3dee0ff7a30.exe
.exe windows:4 windows x86

9cae685068c07a0e908c8327768c7883

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
_lread
MapUserPhysicalPages
SetCommState
RegFlushKey
GetStartupInfoW
SetProtectedPolicy
GetFirmwareEnvironmentVariableExW
timeBeginPeriod
GetLogicalDriveStringsA
GlobalAddAtomExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE