439c08f5e667601eb2bff36f68615f00_NEAS | Triage

Sharing

General

Target

439c08f5e667601eb2bff36f68615f00_NEAS
Size

2.4MB
MD5

439c08f5e667601eb2bff36f68615f00
SHA1

29721147606f93608447d16cb485e4431d574fb9
SHA256

518227a2a0178cbcb8b150f201f3d3391ea3611e674a64ade93a25797487d61b
SHA512

2e9fd20c45d820349ce5b89e31e600919c91de7026e9a5f69ed1a37159df10dbdce579ef7bfc7ce49ba7286d43280003f5dc47e535cc3724d4f6f3408af02cd0
SSDEEP

49152:kFEgm4RcdnonL5J+Pt/YK5yeRvyWyWeDU:pN4Rcdnsj8tAOyeRI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
439c08f5e667601eb2bff36f68615f00_NEAS

Files

439c08f5e667601eb2bff36f68615f00_NEAS
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\am\sldworks\presentationmgr\themeeditor\obj\x64\Release64\PresentationStudioThemeEditor.pdb

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ