NEAS[.]315da2202df21ce83b71b9a74ed63e30[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.315da2202df21ce83b71b9a74ed63e30.exe
Size

119KB
MD5

315da2202df21ce83b71b9a74ed63e30
SHA1

9b919684d61c9a95ab47df52b438d385e9244047
SHA256

e5dbeab494060b3cfcbd00b3859fa4cd8c986d45257821ce6ab837dfdad68d02
SHA512

d5009e88066bebd80de51a2aaaa1b9dc70de0d1c06e27ac0b982dc0452ebb591b1aa92c9272b5ef85e3e273dfa42e4db8dcf36c7d678c47ae75b1dd4f46e971b
SSDEEP

3072:jrAY8DMSOWz6JrD2mdByVb5qU6X5EUU7HdilCHRFn:j78DywIn/dctIUSOD4Uz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.315da2202df21ce83b71b9a74ed63e30.exe

Files

NEAS.315da2202df21ce83b71b9a74ed63e30.exe
.exe windows:4 windows x86 arch:x86

7da6f16d716bbf71c4896d0fa2ccb5a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExW
HeapSetInformation
WriteConsoleInputW
GetSystemDefaultLangID
GetLogicalDrives
CreateThreadpoolWork
HeapLock
WriteConsoleOutputCharacterW
DeactivateActCtx
LoadStringBaseW
GetUserDefaultLangID

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE