Static task
static1
Behavioral task
behavioral1
Sample
93f734eaf69ccec73364e4a4fa639690_NEAS.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
93f734eaf69ccec73364e4a4fa639690_NEAS.exe
Resource
win10v2004-20240419-en
General
Target
93f734eaf69ccec73364e4a4fa639690_NEAS
Size
34KB
MD5
93f734eaf69ccec73364e4a4fa639690
SHA1
7668794bfeb5c0a53311d7b279b0db9c3cfd3384
SHA256
ee70ec7ba75f6dc1e3e7e8304e74cb36da91b3b8dd0acdb2d58c34ebef85e64a
SHA512
0647f34af5306a94e39053ee8115f5635c981c0adde86f099861d98ea0f0eb13ada17a94f2c21ca69fd0829f88209b1b03fea8841f6791158a63ab986bba943f
SSDEEP
384:ccaxBErJYCTCRP7Pmzz+bb9Oey3oGb04tnw/x/viTm2x8LvU1A7bsVm1CKW7zv:6EqhRKGZCoc04t6viTm2x87UmHCm4K0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 93f734eaf69ccec73364e4a4fa639690_NEAS
Files
93f734eaf69ccec73364e4a4fa639690_NEAS.exe windows:4 windows x86 arch:x86
6c3e88f84d8caee716a96ddda8022cea
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sections
.text Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE