NEAS[.]6414fec6900db437888ec53560ea3720[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6414fec6900db437888ec53560ea3720.exe
Size

119KB
MD5

6414fec6900db437888ec53560ea3720
SHA1

87ad4a65de2bb182e599809901236d1e345aa6e0
SHA256

edf29b1a95b1dc135ca8b269be90050effb24469886106b5f257f7ff6cddf1eb
SHA512

f11f2f780ca73dbe10d4c75095a9ffab40915e1dcb53844ed83e5dedbb9ea4749e866b216e633345a6fc1156e885750ad3cd05f91ec8f1c891bd216b58857a61
SSDEEP

3072:F5PoXpuf/Qm9avojDtzmjaFS6lpZfIBhxzcttOmx5uWHsMT4:n2uf/Q7oj5zvFJpRIzxzcfDjk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6414fec6900db437888ec53560ea3720.exe

Files

NEAS.6414fec6900db437888ec53560ea3720.exe
.exe windows:4 windows x86 arch:x86

23a93aec649e9ff01a3dce57c1506a47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddScopedPolicyIDAce
SetConsoleHistoryInfo
GetProcessDefaultCpuSets
UnhandledExceptionFilter
ScrollConsoleScreenBufferA
GetEnvironmentStringsA
SetThreadGroupAffinity
SetFilePointerEx
PackageIdFromFullName

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE