NEAS[.]279e83a378698105d28cb32b076d2030[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.279e83a378698105d28cb32b076d2030.exe
Size

145KB
MD5

279e83a378698105d28cb32b076d2030
SHA1

9903934d8778146802dcb57c070aa30e0c093320
SHA256

58fed60a8bd914facf3ea56534779671d5ddc6c3dc97a58040141c8e14ffc0f2
SHA512

0bea6f55b22e896f48a8cdd7f26ca753b32bac21fcc89ea12101272f3296dbe42ffc9b2a6a8bc955f98f176e5450ac1ac2bfdb7ab54bcf63061507fabca5de9b
SSDEEP

3072:2lX7gRX5c9cpQyyw+Y9ZeSWGShUnJFFZPtdntUUEzjRMpxDBz:2lLkX+9cp74YjeSkhUnJ/ZPtdtUUEzjw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.279e83a378698105d28cb32b076d2030.exe

Files

NEAS.279e83a378698105d28cb32b076d2030.exe
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

crs
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ