NEAS[.]c54d8e9a6b93d61ef3e5eb8f8aaccc30[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c54d8e9a6b93d61ef3e5eb8f8aaccc30.exe
Size

119KB
MD5

c54d8e9a6b93d61ef3e5eb8f8aaccc30
SHA1

4be8a4196997fd55c95e74b7100e5cf3adfda850
SHA256

4d8b0bc56e8073a5ea0d9516be1d71cec78d2c1e62933ed9c3801687ea9a6a2e
SHA512

56bbce5ae2e035b97e7e20516ebb83f1bdbcb964735a4975cb81f7f36cc4567151ba0f09ff6df36ed128e2fe80a721616adc9f80b95df46b85e07ead4c0e9398
SSDEEP

3072:sRkJv06vXdk1YIfAKOrqef6ELDz9px7TawhgPhi:2kJv0WHaNEJpx7TawqZi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c54d8e9a6b93d61ef3e5eb8f8aaccc30.exe

Files

NEAS.c54d8e9a6b93d61ef3e5eb8f8aaccc30.exe
.exe windows:4 windows x86

701b530181dc61ba9d2d1a62e0ee20d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDurationFormat
OpenJobObjectW
CreateProcessInternalA
GetConsoleWindow
SetCommBreak
SetThreadInformation
CompareCalendarDates
K32GetProcessMemoryInfo
HeapFree
CommConfigDialogW
GetLocalTime

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE