NEAS[.]f481c421b889d0e65c68140cd4abb840[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.f481c421b889d0e65c68140cd4abb840.exe
Size

119KB
MD5

f481c421b889d0e65c68140cd4abb840
SHA1

8da6f17532a3f4a48b190ed90e74aedbb5273625
SHA256

f823d4af7fcf0007015ec9a16ac7f6b1d51ae5d33045560115d80e8df1bc9b3c
SHA512

48eb0c84a5a0a72ff6094aebe9c5ed690df0d59580ebade4d7b030c1f253d3e1f93550d234b5bd46e61666ccf0d64c214a52970e1f773df7c8d2ad9c8bc33d1d
SSDEEP

3072:J0kHr/TpkUXKhotMMh2YF4Y4ZA+VPzlYm6fXXGRQOg8eguW:7jTCWZFF4ZAaRQOgA/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f481c421b889d0e65c68140cd4abb840.exe

Files

NEAS.f481c421b889d0e65c68140cd4abb840.exe
.exe windows:4 windows x86 arch:x86

e79ce341cee061d8c740e626cc4d0916

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
GetComPlusPackageInstallStatus
RemoveVectoredExceptionHandler
CreateRemoteThread
TlsGetValue
GetSystemDEPPolicy
GetLogicalDriveStringsA
GetPrivateProfileStructA
RegGetValueA
BaseUpdateAppcompatCacheWorker

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE