NEAS[.]a8b787428b8dc4a1081b77befc7f32b0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a8b787428b8dc4a1081b77befc7f32b0.exe
Size

119KB
MD5

a8b787428b8dc4a1081b77befc7f32b0
SHA1

4f59e493a73994ce734cef1a35454615639d34f2
SHA256

9704634123a77535670c5d4928d804119a59e380890d9294b335e8ec87d74815
SHA512

71657eeca47aa1c869631cd43001dceacee63693ae92a4d0ac5f3be61daac614b82c5e2160ccf506219b998abce018dd44423e1a1991073a75c9e62a68b2ea63
SSDEEP

3072:R7GI0jT5QzsEnJ7Mrj+qrVHe7BFA8uhueiZeQahzSasV0:KoTMjhdKbA8hZVahzLsV0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a8b787428b8dc4a1081b77befc7f32b0.exe

Files

NEAS.a8b787428b8dc4a1081b77befc7f32b0.exe
.exe windows:4 windows x86

d06ee064e4715ac0970a29314af443e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GetBinaryTypeA
BaseDumpAppcompatCache
ReadConsoleOutputW
GetNumaAvailableMemoryNodeEx
OpenMutexA
GetCurrentProcessId
WritePrivateProfileSectionA
EnumerateLocalComputerNamesW
TermsrvSyncUserIniFileExt

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE