NEAS[.]a0657bfd865b0dda49c5a43d271de110[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a0657bfd865b0dda49c5a43d271de110.exe
Size

1.9MB
MD5

a0657bfd865b0dda49c5a43d271de110
SHA1

f2a6c9c1e6caa0cbc381fa5e1c98bc26c757c4ea
SHA256

720bfee335cbc2d727ca6a97dda4220c01ba333939d5ef0befd578524f411ece
SHA512

806e856f41fe46d5aeaffc4ad7072f8ed90103d83fa686f3bd77556ac15d2f143b3057c0d68eaec827e5881e93c4fca25f1c9ab0985b301ac46b9e9e26962802
SSDEEP

49152:ugRTcKyPICZ6rq8u+FYS7KIYwRb3vOK9lxE:uMc5ICory+F9Rb3vOu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a0657bfd865b0dda49c5a43d271de110.exe

Files

NEAS.a0657bfd865b0dda49c5a43d271de110.exe
.exe windows:4 windows x86

cd530004bdf5f9d9f2944b420dc74fea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

ntoskrnl.exe

WheaInitializeRecordHeader

Sections

Size: 40KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wwvbxmwh
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

amtcxnxo
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

L/5PrO
Size: 1024B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iud_LN
Size: 1024B - Virtual size: 32B

.l1
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

j3O?dY
Size: 1024B - Virtual size: 32B

Sharing

General

Malware Config

Signatures

Files

cd530004bdf5f9d9f2944b420dc74fea

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntoskrnl.exe

Sections

Size: 40KB - Virtual size: 96KB

.zrdata Size: 1024B - Virtual size: 984B

.idata Size: 1024B - Virtual size: 8KB

.gfids Size: 1024B - Virtual size: 2.9MB

wwvbxmwh Size: 1.8MB - Virtual size: 1.8MB

amtcxnxo Size: 2KB - Virtual size: 8KB

.taggant Size: 9KB - Virtual size: 16KB

L/5PrO Size: 1024B - Virtual size: 256B

iud_LN Size: 1024B - Virtual size: 32B

.l1 Size: 1024B - Virtual size: 1024B

j3O?dY Size: 1024B - Virtual size: 32B

.zrdata
Size: 1024B - Virtual size: 984B

.idata
Size: 1024B - Virtual size: 8KB

.gfids
Size: 1024B - Virtual size: 2.9MB

wwvbxmwh
Size: 1.8MB - Virtual size: 1.8MB

amtcxnxo
Size: 2KB - Virtual size: 8KB

.taggant
Size: 9KB - Virtual size: 16KB

L/5PrO
Size: 1024B - Virtual size: 256B

iud_LN
Size: 1024B - Virtual size: 32B

.l1
Size: 1024B - Virtual size: 1024B

j3O?dY
Size: 1024B - Virtual size: 32B