NEAS[.]587c4ee039de05646e00ceaba873b320[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.587c4ee039de05646e00ceaba873b320.exe
Size

48KB
MD5

587c4ee039de05646e00ceaba873b320
SHA1

387fccbdc3e11d256df1d32238a767656d9a89c0
SHA256

b499736b003ad048d74578a499b99a764fc8abf40ce915cae45717a1deb05915
SHA512

5114edfa777b638f418c0a43386e2b8c961da2bbeb057167c64f5f1b51bf92795875bc46f07fc33eff5812aa4b4202f0901a1654110de789f9066456bb424370
SSDEEP

768:0YaoBsM2wcKHbCSCxUB8fXtFPus82u5E6v6iNlXqlmW:0Yac2w2tnusqNBqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.587c4ee039de05646e00ceaba873b320.exe

Files

NEAS.587c4ee039de05646e00ceaba873b320.exe
.exe windows:4 windows x86

c76363933a34a85724d8004d62ff1519

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

EVENT_SINK_AddRef
ord560
DllFunctionCall
ord670
ord675
ord677
ord678
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord319
ProcCallEngine
ord644
ord100

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ