NEAS[.]6befd8ee024d2e8d3ac217a113b1d380[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6befd8ee024d2e8d3ac217a113b1d380.exe
Size

119KB
MD5

6befd8ee024d2e8d3ac217a113b1d380
SHA1

dc949402858a5f2f809b34d34dbf2d70f141cd4b
SHA256

f0185c670b01527666e64731ee571ad941aa02833f5d4a7f527dd981eb55994f
SHA512

cda3ed0fcdbce2a412eba36d5dc3f6a6cb233c6af3e60d2665ae43d23afb9b4a07c359cf0b7f7c9aeed85404ed912f82c818b4fb5d16b82a4da9d80eb67a712e
SSDEEP

3072:eWzOObs8SMbo6lgUzgPQMKyn3Bo5ZXrttOvW1nMeyDRJ:V6qrFo6vMJn3BEBOu1MeIRJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6befd8ee024d2e8d3ac217a113b1d380.exe

Files

NEAS.6befd8ee024d2e8d3ac217a113b1d380.exe
.exe windows:4 windows x86

504123e84dc3d3ab281263c77430e14d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW
OutputDebugStringW
RegisterWowExec
SetFileBandwidthReservation
timeGetTime
K32InitializeProcessForWsWatch
AddAtomA
GetNLSVersion
GetFullPathNameTransactedW
EnumerateLocalComputerNamesW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE