5396fb5b500512b9c04b2758aeb80420_NEAS | Triage

Sharing

General

Target

5396fb5b500512b9c04b2758aeb80420_NEAS
Size

411KB
MD5

5396fb5b500512b9c04b2758aeb80420
SHA1

5e82f3787fe7aee79b21b2ecb777dc4e8f8bdcf1
SHA256

fad31af1c03cb80cb5af53ec50136f1cd004b0734665b31f7e4ee77a9bc64f26
SHA512

ce361dc7876db2a316c4edbf6bb1b4a46940bd52507e389af28b681e27c4f557fcec6884a8a78a9c3a068f118f1928edada2ab9d4459d6ebd19eb45794946910
SSDEEP

3072:PSdJPu4rf30OOOOOOOq0TUpuNKpzKO168rI8:PAnMOOOOOOONT6DzKOp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5396fb5b500512b9c04b2758aeb80420_NEAS

Files

5396fb5b500512b9c04b2758aeb80420_NEAS
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\tmignone.FALMOUTH\Desktop\VADAR Serial Control 1.0\WindowsFormsApplication2\obj\Release\VADARSerialControlClient.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ