NEAS[.]619bb7d63fd2d720c49bd4d5a0405380[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.619bb7d63fd2d720c49bd4d5a0405380.exe
Size

119KB
MD5

619bb7d63fd2d720c49bd4d5a0405380
SHA1

cd31d651e050d2cb289bf951726b6ece147c03fc
SHA256

4a33927045814176154043eef21f75643b816ed8379c1e7e687cfa9ef8444740
SHA512

54e209594f310880578b96cec3e9d39d44a5d557d83f0e7e8ef392b1db2e87af63fcb212381509a0c1bdcf144bc59e02bb743d43c59cb7d6a3f753d6d33d000e
SSDEEP

3072:PuvAUFopTWz9AAEbWbBS0lyC11toEowmmExGZcIOG9Padn:rpTWz6jqbBS0lyC1HXmmkwROEPadn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.619bb7d63fd2d720c49bd4d5a0405380.exe

Files

NEAS.619bb7d63fd2d720c49bd4d5a0405380.exe
.exe windows:4 windows x86

2ffbae2810fac6e1a519a80859ed61c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExW
Toolhelp32ReadProcessMemory
Beep
GetPrivateProfileStructA
WaitForSingleObjectEx
SetConsoleCursorMode
GetNumberFormatEx
UnregisterWait
GetDateFormatW
VirtualQuery
GetAtomNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE