NEAS[.]85f80472db44fa300be1b898601042b0[.]exe

General

Target

NEAS.85f80472db44fa300be1b898601042b0.exe
Size

24KB
MD5

85f80472db44fa300be1b898601042b0
SHA1

56468d9ee20ceb9cf862fc36f0ffb91ec1e078d7
SHA256

03a5479ac6060d834110a0b98109af40a67239002c86a014e1e2bbe069c7bd85
SHA512

01efd7825ea59aeaec7a3b6e7eb35e37a5ed2dc6e970583248ab4e16541d1640cdc8aa8988fad38bedb9adeebb3eb24bb0aaf811265bd82a846408e4743ce62a
SSDEEP

384:0uc9MmIbJinyWIgq2bCv+Ni7RSAajaEXjd:0uOMmIbJiyZgq2evwitSAJET

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.85f80472db44fa300be1b898601042b0.exe

Files

NEAS.85f80472db44fa300be1b898601042b0.exe
.dll regsvr32 windows:4 windows x86

e0697f8443dc4d27dcb0ae4034b3ff94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

rpcrt4

NdrDllUnregisterProxy
NdrStubForwardingFunction
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
NdrDllRegisterProxy
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
CStdStubBuffer_Disconnect

oleaut32

BSTR_UserSize
BSTR_UserMarshal
BSTR_UserUnmarshal
BSTR_UserFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0697f8443dc4d27dcb0ae4034b3ff94

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

oleaut32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 490B

.orpc Size: 1KB - Virtual size: 1KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 1024B - Virtual size: 744B

.text
Size: 512B - Virtual size: 490B

.orpc
Size: 1KB - Virtual size: 1KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 1024B - Virtual size: 744B