NEAS[.]621253dd5f5b01ca78063f939781a2e0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.621253dd5f5b01ca78063f939781a2e0.exe
Size

119KB
MD5

621253dd5f5b01ca78063f939781a2e0
SHA1

19ffc29a11bc81e1d37d408c751f7782e9b634c3
SHA256

5515b8fabb294828389378ac4918619cb0035efc49b5d739d9bdb849ba9a302a
SHA512

a58f45229bd8a0df53b5728d28c33ad7f9bbdfb07e3132edd6636040457346cae2951972e5dd2f2797c1ebe390e84e98cd913edbb6a1328056c3ae7856aa2de1
SSDEEP

1536:dedJr3APMUGCraLjujwW1XOvtCP99FlMAGlbhkqEd4ken3BUh8gNzXz+o2GxxvkH:aJ8vGCraLyjToA99glWd4ZUSIRk5XV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.621253dd5f5b01ca78063f939781a2e0.exe

Files

NEAS.621253dd5f5b01ca78063f939781a2e0.exe
.exe windows:4 windows x86 arch:x86

eb0996b83a60f88c3060e438077d10d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
IdnToAscii
ConsoleMenuControl
LZCopy
DebugBreak
GetEraNameCountedString
PurgeComm
OpenEventA
RemoveDirectoryA
DnsHostnameToComputerNameA
GlobalUnfix
SetThreadExecutionState

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE