NEAS[.]3cd1e34b9dd11bb14652db0b2dfe1fa0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3cd1e34b9dd11bb14652db0b2dfe1fa0.exe
Size

36KB
MD5

3cd1e34b9dd11bb14652db0b2dfe1fa0
SHA1

0749967456b7bcc0e67b361b3171fc16a8f186e6
SHA256

b997a9704aa8cd6dae5e90c2180a15213ed98f4702a4b8fe9e88a27b17791b88
SHA512

268ae8339983b363a0eb35bfcb2393a59bfda1cdd9b197f4438cf45b21429bb7e3c0bdbca67e7ad5226f21bebdbfbeefd82ff2d1eb4c7f32b9d6abb5c2218959
SSDEEP

384:bBmTzESwjmJAUsHMp/bmlEvc8yrTGbIrhAoOTc/RuLQVy/kJZ0TW9YH6h8Sfw1Oj:bKzEpmrse/1vrihAolR0vBuB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3cd1e34b9dd11bb14652db0b2dfe1fa0.exe

Files

NEAS.3cd1e34b9dd11bb14652db0b2dfe1fa0.exe
.exe windows:4 windows x86 arch:x86

80c300232c6c6ccd4b830a054c974a59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
CreateFileA
CloseHandle
DeviceIoControl
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetLastError
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE