4d1fa5e9484ad296a3513e8880a86c10_NEAS | Triage

Sharing

General

Target

4d1fa5e9484ad296a3513e8880a86c10_NEAS
Size

38KB
MD5

4d1fa5e9484ad296a3513e8880a86c10
SHA1

64cd66cf25cc9405fc9e18271219f17830ce0845
SHA256

21af9a0133e092ce4f6327b4d09d2d069d62eb2ffdf240739efafd5b57d39a73
SHA512

924d39554d92d91ad5af076c89a434fd98c44808d1b52a242b47d70601fedbef78ecb48e913a32ad80efe1a5976b6b2f4367a16aab0d309d7b0cf300d62164e4
SSDEEP

384:H0NqwaXklRRvZxMR5QYKZseH5eAXZkbXSm10cz2TFUaMPbaDqcRM+ll4uvq:H0NqwbTzQDKVeA2bhpaPDqcRkT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d1fa5e9484ad296a3513e8880a86c10_NEAS

Files

4d1fa5e9484ad296a3513e8880a86c10_NEAS
.exe windows:5 windows x86 arch:x86

f08fb13efbf8ba797507962ac13ecc2f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cabinet

ord13

gdi32

CreateDCA
GetWindowOrgEx
SetWindowOrgEx

kernel32

GetModuleHandleW
GetProcAddress
ExitProcess

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ