NEAS[.]dd1200655c6acff2c7a4d4d3a0c86399a9f23823535e9e6224860a521f360678[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.dd1200655c6acff2c7a4d4d3a0c86399a9f23823535e9e6224860a521f360678.exe
Size

736KB
MD5

2b7f57acb70c816b7d1f4dd6adf7a708
SHA1

3ed5f35141566dce843ffe38b93e3e3a1bf507cd
SHA256

dd1200655c6acff2c7a4d4d3a0c86399a9f23823535e9e6224860a521f360678
SHA512

c54964d0693105a044bff14133d07f739271498398f5059713e2555fe0377682a5b4e86832bc42ea7422937c8aa98e9a951be0e7702c376461b1a8f444e1ede1
SSDEEP

12288:CoQmTN46xNTvp5VL6HKjnowj++nU6YaeDVekMzDY+yXLQY3CYwGiLb9BzLu2P43z:xQmTd7zVywj++nTLYekMzMVLyYwGiFRb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.dd1200655c6acff2c7a4d4d3a0c86399a9f23823535e9e6224860a521f360678.exe

Files

NEAS.dd1200655c6acff2c7a4d4d3a0c86399a9f23823535e9e6224860a521f360678.exe
.exe windows:4 windows x64

47bc3e92e82cd9e4341a7101e4c32da9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

SHChangeNotifyRegister

mscoree

_CorExeMain

advapi32

GetUserNameA

user32

RegisterClassExW

kernel32

GetModuleHandleA

Sections

Size: - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 426KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE