NEAS[.]74564ba310bf86d8401b0e430ff04950[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.74564ba310bf86d8401b0e430ff04950.exe
Size

119KB
MD5

74564ba310bf86d8401b0e430ff04950
SHA1

46d42f3f2f39656c471f354864d6aac91eb8f750
SHA256

6bedcb55692ac6587afd05abd1aa0c6f20d38d8da3fc878d538fb07cd6af3354
SHA512

660852edfdfa8d9e5c4a919106c9b43ac30046112e1089b0b8271326cad1bae72c662eb395e3499df060ace061851e7d6578049bcf2f4be485b6d0b25580f483
SSDEEP

3072:kfOWaUkIbh7SX5Z4t3RwIrpIsbpawPA3yBSL29p:kfOWaUpbh7SXot3RwIrpIopvA3yBDp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.74564ba310bf86d8401b0e430ff04950.exe

Files

NEAS.74564ba310bf86d8401b0e430ff04950.exe
.exe windows:4 windows x86

8eb8bb2f11c2a4b680b81d528894e95c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultUILanguage
SwitchToThread
SetDefaultDllDirectories
GetNumberOfConsoleInputEvents
AddSIDToBoundaryDescriptor
SetConsolePalette
RegDisablePredefinedCacheEx
OpenFile
GetPrivateProfileIntA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE