NEAS[.]125d8ef3b92e4798acb87f291e09e9b0[.]exe | Triage

Sharing

General

Target

NEAS.125d8ef3b92e4798acb87f291e09e9b0.exe
Size

119KB
MD5

125d8ef3b92e4798acb87f291e09e9b0
SHA1

f2f3b399c7ca04b838f538c193fb92bcd69f8e5c
SHA256

98b9417760283b198d6f92ec309085a05b5fec59d5e8590c00d136e265456e73
SHA512

abcadc482108fbd87d2b2469b0c70d00aebde9f68d640993e13b12a49c8a06593adb83fad9812908dd21a2c746a40bec298114bd1cd5266080b2fb37835a78f6
SSDEEP

3072:VyDlegoqxOJ+OgDDecWdIuuZWtRnz75chmJE:wvxOJMn4dSktLumu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.125d8ef3b92e4798acb87f291e09e9b0.exe

Files

NEAS.125d8ef3b92e4798acb87f291e09e9b0.exe
.exe windows:4 windows x86

e326376770246f4b1d3e2290d57c5717

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstStreamW
GetUserDefaultLCID
CallbackMayRunLong
WerUnregisterFileWorker
AddDllDirectory
GetEnabledXStateFeatures
GetPrivateProfileStringW
GetVolumePathNameW
GetDateFormatEx
GetSystemTime

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE