3c174a4481ec8ce925d83bcbb6fb0250_NEAS | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c174a4481ec8ce925d83bcbb6fb0250_NEAS
Size

59KB
MD5

3c174a4481ec8ce925d83bcbb6fb0250
SHA1

038aafaa6c2e42fa32af9935f2cb6f00fd19f326
SHA256

adee98ec686eeeed08bd5e060f8f9882cbd6588d0001eab10d5c972bb6ced13c
SHA512

c54708001178f42aad9abd7c68ce76a6bc391b7dbae52a0002e161c95c34164dedf09b31ddbd355bce39d4365e85f788c95173db19a453b71b4c2a271262cd55
SSDEEP

768:H6TQ9GWYJPeS71wnXipidH1juXgnnDpbebO5zXzyGxRz6/UmEU1Ns2n62fUCc:H6TQ9tYJPemWTBs6zjy2Rz6sm11yb7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c174a4481ec8ce925d83bcbb6fb0250_NEAS

Files

3c174a4481ec8ce925d83bcbb6fb0250_NEAS
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Rehm.ViCon.Service.Plugin.PlcJob.Deployment.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ