NEAS[.]95497e236af4129b032ad230a0cbcb80[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.95497e236af4129b032ad230a0cbcb80.exe
Size

72KB
MD5

95497e236af4129b032ad230a0cbcb80
SHA1

ecbf44e5c7383a19cdceab3173d5dd5701f78c3c
SHA256

724230238f9eb5c6c4a1bf308b65c9b103cc0ec82118ac35efa45791f90b71c0
SHA512

7aa2e3720b72ae20e7109eb15340d5ced1f3770cecfe0e84237724b4945e3698e0bc19a3d8b39e9e369ffee3b313ee87eaf6acc85bc677b7a598eeb9bb6d9af7
SSDEEP

192:POxNFxQMDSxyKJQ5NPy/2/LrzsZA+Jf9xtLyHUMGzHHN+odX:GNvQbc7MuHzwAuLVnNFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.95497e236af4129b032ad230a0cbcb80.exe

Files

NEAS.95497e236af4129b032ad230a0cbcb80.exe
.exe windows:4 windows x86

f9bfccc82b6cfe6f82f41a3e115e0db2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord556
ord666
ord592
ord595
ord598
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord608
ord716
ord717
ProcCallEngine
ord535
ord685
ord100

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ