NEAS[.]1f2dcfd5278f7044fdb70e5be2ea5b90[.]exe | Triage

Sharing

General

Target

NEAS.1f2dcfd5278f7044fdb70e5be2ea5b90.exe
Size

965KB
MD5

1f2dcfd5278f7044fdb70e5be2ea5b90
SHA1

b9f26020ff2fab894c61e4bcab6df12e57315ff3
SHA256

eab65aeb250c50b040571fe54d9f7a829f91a0354a0ef842642760ac0a7c8d06
SHA512

b5f7bf778330b58aecd3f1acdc2f484e55bfdec97086135222f7edff3e7a82d10ffb11ea385fee919b3b5d02a22a3b8d1cad637ce19ccf2fdec313cdeb4ed587
SSDEEP

24576:IjiMkuEozwNTVocOn7TbuWw69o7F/Um7E4r1ENWdB9:IjikEoKpocOn7fuWOU6E4r9dP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1f2dcfd5278f7044fdb70e5be2ea5b90.exe

Files

NEAS.1f2dcfd5278f7044fdb70e5be2ea5b90.exe
.exe windows:4 windows x86 arch:x86

589d48ed984f9485ea294725b3e3f1f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

MessageBoxA

advapi32

RegFlushKey

oleaut32

SafeArrayCreate

Sections

.MPRESS1
Size: 282KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE