NEAS[.]83361bc9201291f06ec27e3f4893ecf0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.83361bc9201291f06ec27e3f4893ecf0.exe
Size

48KB
MD5

83361bc9201291f06ec27e3f4893ecf0
SHA1

35c291b40a8a334b09215608747d00f7e1376e7f
SHA256

2626c3bc737f56218ff04a55950e37a546ff1741a58384e5f9dbf6f6fe5dc491
SHA512

aa19379ca9d9cd0f66a679c663c4cfadce21f2e1bc8d73f555664173513f5ca81062f23d39667ffbdb6136c88c6750d0cca7e3402218dff6ac68124433e53c23
SSDEEP

768:f+c1J3gQKV54zGL1lSCmLE4EchVBqp+bs+XbobZw46hyxC:fp1VgQKPdhwCmE6jqp+bs+XbobNA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.83361bc9201291f06ec27e3f4893ecf0.exe

Files

NEAS.83361bc9201291f06ec27e3f4893ecf0.exe
.exe windows:4 windows x86

61b9725fd52b1f9b521d25768ba2546e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerClose

lz32

LZCopy

gdi32

BitBlt

advapi32

CloseEventLog

msvbvm60

ord695
ord662
ord669
DllFunctionCall
__vbaExceptHandler
ord319
ProcCallEngine
ord644
ord100
ord547

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ