NEAS[.]2aeb6ecf0ac27b57ec050f2e9ffc7326_JC[.]exe | Triage

Sharing

General

Target

NEAS.2aeb6ecf0ac27b57ec050f2e9ffc7326_JC.exe
Size

343KB
MD5

2aeb6ecf0ac27b57ec050f2e9ffc7326
SHA1

6b1cf6d5e816a84556e22e9cd1b99c7eee078fd5
SHA256

f09b13217e7d65c647af8e928d81e0a3f9ec517806e8b57f5c12c7399da337d8
SHA512

bc86e7e94c0b3b505a28253139c27b879f576c54be58f7bccade790ddd25e13f8df7350d4109c9775d338621f91fc9b29eb7cc2af4c9907fee73517fa0f22fdb
SSDEEP

1536:9Qoj5VjPMjO3TYaCZ6Byt2uXMWpc7y6BytyuXMWpc7o2wov/FWoLs1q0n5WTu5LU:9QmbjECkIBytoNBytM3vrtS57PDI+NW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2aeb6ecf0ac27b57ec050f2e9ffc7326_JC.exe

Files

NEAS.2aeb6ecf0ac27b57ec050f2e9ffc7326_JC.exe
.exe windows:4 windows x86

96e57d09efd03a48c83f1349e435734e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord666
ord598
ord709
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord607
ord608
ord531
ord645
ord570
ord576
ord100
ord617
ord619
ord580

Sections

ukiwGhLB
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MIZwSMcb
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE