NEAS[.]fccb13dd44fd0179d0c5718aa5b287a0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.fccb13dd44fd0179d0c5718aa5b287a0.exe
Size

119KB
MD5

fccb13dd44fd0179d0c5718aa5b287a0
SHA1

2dbf53f3d3beb16d464359d9f728cc3ba229d45b
SHA256

996ab4269f506ed397d87f7f0f0980b37e79e6d561bfc9138867abb25c9057af
SHA512

f502277b290375ad1e7bda37a0da047679dc18f2c5bdae93d3531567268a6c903fa5940f86cbb9b6024c2659541f176d1dc0285e7a1b9d62679ec728e1f492de
SSDEEP

3072:HfWE4qATxyQ1qUKTvN1DwkCKQWZitH5zO5Jzzzsw0fc:HeXZQQ1aLDhVw5OTz+0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.fccb13dd44fd0179d0c5718aa5b287a0.exe

Files

NEAS.fccb13dd44fd0179d0c5718aa5b287a0.exe
.exe windows:4 windows x86

bdf463d9b8edd1af5cb00e42722408dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseCheckElevation
CreateSemaphoreExW
CreateSemaphoreExW
GetNamedPipeInfo
RtlPcToFileHeader
SetProcessAffinityUpdateMode
DuplicateConsoleHandle
GetProductInfo
CreateProcessInternalW
SetNamedPipeAttribute

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE