NEAS[.]276a31612ee34b1086c7215036234bf0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.276a31612ee34b1086c7215036234bf0.exe
Size

119KB
MD5

276a31612ee34b1086c7215036234bf0
SHA1

905ad99b02d0e7f077687d1d0abcb3ec3fd8f68c
SHA256

120ef2484b15c9836e053b1bb64eb59756dfd5d0fc68e61ba8626bf6b325c784
SHA512

ecdca566b2ef8b9073c00e6bf71d6e844dd06216a1626b0d4cc7cc4b5e5f43d92b178c81f1f3cc6299dd95c7b8327b9b942f0d5da59dd5151ac13f02367184ca
SSDEEP

1536:DixYAbJViOWfl/gMiTMqCdlninBseMRPCYYsp1OKPKcNvfUP4yGXpBhDZrYUtlrW:V+J4HxqklnE2RPCl5FP4jh9Ysiycoy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.276a31612ee34b1086c7215036234bf0.exe

Files

NEAS.276a31612ee34b1086c7215036234bf0.exe
.exe windows:4 windows x86 arch:x86

5dcaf925b24c3c16de18d6442c9bc45a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetMemoryErrorHandlingCapabilities
CreateWaitableTimerA
FindFirstFileA
ReadConsoleOutputAttribute
timeGetDevCaps
FindPackagesByPackageFamily
GetStdHandle
InterlockedPopEntrySList
ExpungeConsoleCommandHistoryW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE