NEAS[.]14e976d934d214b7d661c6df489fb030[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.14e976d934d214b7d661c6df489fb030.exe
Size

119KB
MD5

14e976d934d214b7d661c6df489fb030
SHA1

ae6fddacccc4a85dea6118cd49f5dd016117f4af
SHA256

1149a53dd2f73ed2935e5a4c0f19a850c5220099080ecd40d7deb87aabe7ca6a
SHA512

559effd8609401cd7dc5ecc6b0bcc25f02b049e2140ad6835ca6ce3d692c167c6572e0e7287d81ecbeab3548bdca2d906f596c3811c6f6708d98e989aa822a58
SSDEEP

3072:q0DKIKBGmD9jBo9WgHvFQ6FYHdSPwESPXs46PkZKie5Qf1F:vv2GG9SWgHvFQ/HdSFSPXsJPkZKieYv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.14e976d934d214b7d661c6df489fb030.exe

Files

NEAS.14e976d934d214b7d661c6df489fb030.exe
.exe windows:4 windows x86

f0381e20b87cf5a0692d8490f4b96e2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindStringOrdinal
EnableThreadProfiling
AddRefActCtxWorker
GetNativeSystemInfo
QueryIdleProcessorCycleTimeEx
TlsAlloc
GetCalendarSupportedDateRange
EnumSystemLocalesA
AppPolicyGetThreadInitializationType

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE