NEAS[.]14678c7ef6867b9939b4eaa4350caa70[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.14678c7ef6867b9939b4eaa4350caa70.exe
Size

119KB
MD5

14678c7ef6867b9939b4eaa4350caa70
SHA1

95590cc2e24797c26f21b33fa6c1dfca74970507
SHA256

393eb9f726a595ef4d37401fbecf65e9bf1e5246e012598f5df16e3c462bfb75
SHA512

d5d3233163d0b1f9c3ed69ce40769e46245f5176565fdd73edbd3e60c850e2a902789d614b65b59beba3a7a5944f218f0c02070ac990204fe5940ed2258da692
SSDEEP

1536:7pS7+cI+567w2INScnTS1d9YUXFo8OXubEIW9MOodBwz0oObkmtRLdtRpCLO2N8M:7A+c9aGNSdrioWRXubJWUKIXDdru5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.14678c7ef6867b9939b4eaa4350caa70.exe

Files

NEAS.14678c7ef6867b9939b4eaa4350caa70.exe
.exe windows:4 windows x86 arch:x86

e8d2418dd93bfc4f255d9e4e6e08938b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
UpdateResourceW
UpdateResourceW
GetThreadIdealProcessorEx
K32GetDeviceDriverBaseNameA
RegCopyTreeW
RtlMoveMemory
IsDBCSLeadByteEx
DeleteTimerQueueEx
BaseGetNamedObjectDirectory

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE