NEAS[.]3d3364379192a2d0c5675484cddf8370[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3d3364379192a2d0c5675484cddf8370.exe
Size

119KB
MD5

3d3364379192a2d0c5675484cddf8370
SHA1

227bde83c3e351a11e9b620fdeaf8450c7c591ab
SHA256

c70cf9731a4642c1fbf2ca920af6d521cdabc1b500aea145a4799c96c46235fe
SHA512

cce6f55b586b57dd13015bae3025a3652f47d4450966dceb48e56976af797239fa7b58b57bfde2ee73ebed6ed0547132927e6d5e3a4e5f1d0ab28fafb8b3c647
SSDEEP

3072:iVWRpcKEoNYBxmYDEwN2j1ui+mMLbb8ncm8xtZl+iLDv8tyEZ9kht:KwuJo6Tw+mIV7Ci3wyG9Ot

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3d3364379192a2d0c5675484cddf8370.exe

Files

NEAS.3d3364379192a2d0c5675484cddf8370.exe
.exe windows:4 windows x86 arch:x86

c4dbe3452118f5a0cf293616009daf4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AppPolicyGetClrCompat
AddLocalAlternateComputerNameW
WaitForSingleObjectEx
AddRefActCtxWorker
LZStart
SetProcessWorkingSetSizeEx
BaseGetNamedObjectDirectory
RegisterConsoleOS2
CreateEventExA
FreeConsole

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE