NEAS[.]e2730c9b791c5ad464ea21b905d24fc0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e2730c9b791c5ad464ea21b905d24fc0.exe
Size

119KB
MD5

e2730c9b791c5ad464ea21b905d24fc0
SHA1

78809d51fffe1d66c12eee54060acf69c6422932
SHA256

318c6306992063372c1a541e35a267a164df3f7d2f88953f091a124c3f2a9844
SHA512

1e9f6f841b72e9e793141a238de6cf6b3753e87a2ff1c66dc8b9ab5f604a6a9d2c811cfe1de95caa016664f25c6b64204a627702023cfc41273bae7cb86ce7fe
SSDEEP

3072:uPcAgzDO2dp2V/ZfvTInGayanL6kbCayTkgVDc2A1oU4pwfOEQj:uPFgnOIM13snk7ggF2f4mOEm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e2730c9b791c5ad464ea21b905d24fc0.exe

Files

NEAS.e2730c9b791c5ad464ea21b905d24fc0.exe
.exe windows:4 windows x86 arch:x86

1698fbedbeb069334cc91663cfedd04d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RegisterBadMemoryNotification
EnumCalendarInfoExA
GetEnvironmentVariableA
QueryActCtxW
TermsrvDeleteValue
SetConsoleFont
GetSystemTimePreciseAsFileTime
FlushFileBuffers
SetTermsrvAppInstallMode
OutputDebugStringW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE