NEAS[.]6b7b656dad26ed76844d6afed2b17f10[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6b7b656dad26ed76844d6afed2b17f10.exe
Size

119KB
MD5

6b7b656dad26ed76844d6afed2b17f10
SHA1

28c2a79b4718c64ed7de36acde40340c982f1208
SHA256

cfa37f41256f864c888baf020e07a7296b2dc82e680964e8b317e2041fb6975a
SHA512

ada7d6428c2fec17ab5ce2e8e98d5cca4b884b8836f96c77d5ad514187616d8e4eaf4dc4bec8fb8fe7b9ac098e0259b2636b7eb130231546c5bdc27c60d5e0fc
SSDEEP

3072:1RAy8tdkvTfRI0rEHI9a7ccomnH+eC0GWHM6ruG:1RA5Qvq0YHAscynH+X0U+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6b7b656dad26ed76844d6afed2b17f10.exe

Files

NEAS.6b7b656dad26ed76844d6afed2b17f10.exe
.exe windows:4 windows x86 arch:x86

dca13915aca2ea1e60606e826df5fd66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenWaitableTimerA
PostQueuedCompletionStatus
OpenFileMappingW
RegSetValueExA
BasepAppContainerEnvironmentExtension
CreateThreadpool
timeGetSystemTime
SetProcessAffinityMask
EnumResourceNamesW
GetPackagePathByFullName

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE