NEAS[.]d7af55fffa5db41165dee4f006c756d0[.]exe | Triage

Sharing

General

Target

NEAS.d7af55fffa5db41165dee4f006c756d0.exe
Size

900KB
MD5

d7af55fffa5db41165dee4f006c756d0
SHA1

4d9d32eef6a57c37a366b938e10609f1712c743a
SHA256

fb0961d84c38de47062fc4f3073039b64ad877cd4fb4fde263ca6410ee676151
SHA512

fb87738511622dc2cf13e354709636053ff28304fe6c8b5095c8a34238f6fd53d1de65d47aa7da80df0d8385bc11f87fff47d7bc292a47d99c0ccd5acc01b87e
SSDEEP

3072:022TsRbqzeCdJBkc2nP/E6dHfA4WiJ7rlwYZGSf/HCeCjFzcKozWiOWitWiG7rl2:09PPd96/T3QZJz2HGbWU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d7af55fffa5db41165dee4f006c756d0.exe

Files

NEAS.d7af55fffa5db41165dee4f006c756d0.exe
.exe windows:4 windows x86

03457b9ec600a8280aeb49fbbf893274

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord621
ord516
ord593
ord594
ord595
ord596
ord524
ord632
EVENT_SINK_AddRef
ord529
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord571
ord576
ord685
ord100
ord617
ord580
ord581

Sections

.text
Size: 888KB - Virtual size: 886KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ