8be2a462821866cc52856edddd1ce100_NEAS | Triage

Sharing

General

Target

8be2a462821866cc52856edddd1ce100_NEAS
Size

62KB
MD5

8be2a462821866cc52856edddd1ce100
SHA1

0e69d773a4c29037e5949337567b17e4ed187ef7
SHA256

63cd78676b582be6fa0757b100bdba1d343a7bb82e04e4ad1bc799832d3cf852
SHA512

92b1f9ce88f5093f56dd078d84c5c2aa8a0927088c85c833f46711c53e06c4fd42573605b958ab3a0bbc7b62084d7e2dcbd771e8a5b9ec1199dfa7ac083aa6f9
SSDEEP

1536:Alz3eS4G2ICU+SeCgbTvVBn0wyFIMMT3OnSTBKEKPEduKuNdqqzdnLj:sKuJubTvb0wW+PTV8EdqdqeX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8be2a462821866cc52856edddd1ce100_NEAS

Files

8be2a462821866cc52856edddd1ce100_NEAS
.exe windows:4 windows x86 arch:x86

87c4a5e709733387d716b1051eed27bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
CheckNameLegalDOS8Dot3A
GetProcessHandleCount
VerifyVersionInfoW
LCMapStringA
MoveFileA
CheckRemoteDebuggerPresent
OpenSemaphoreA
FindFirstFileTransactedW
IsNormalizedString

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE