2ec62953b09f47e993f432c198009970_NEAS | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ec62953b09f47e993f432c198009970_NEAS
Size

275KB
MD5

2ec62953b09f47e993f432c198009970
SHA1

f017f09780226cbdd10a51259bcfe7798e78fc50
SHA256

2a66dd9ab1b2946435bd8c5252560ac7dc2f399c1d4c054d837608bc215327fe
SHA512

dbbedd4c4019f5411e90469e8f549c0dbf6137afaf31dc4de3e9152f20ba88e6240b66158e288cb879efc7cbea871ff082fe4426848563b6ec10593b3c916048
SSDEEP

6144:l7EzaNCKwC9UQ2MYEYV6KLXRN8pX9rZ0:uniUQ2YKFEXZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ec62953b09f47e993f432c198009970_NEAS

Files

2ec62953b09f47e993f432c198009970_NEAS
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Projects\LP.Refund\LP.Refund\obj\Release\LP.Refund.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ