66e04c243677dbf98e8d6985e421d950_NEAS | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66e04c243677dbf98e8d6985e421d950_NEAS
Size

120KB
MD5

66e04c243677dbf98e8d6985e421d950
SHA1

33bb836a40ef084b34ee8ae89b095e6b91ca9c6a
SHA256

f0a82acc3a430b7f574c6dea04d695199f17e584982bac08f9f0c261d5bee235
SHA512

e4d2ed3408aa24e98c82d74285645840c8ad291d7894a2d21f2c834c7598e346612d37f677f515ac9279d2273aa9571b23e75a2e63a7aa970780214385bac7de
SSDEEP

3072:DpuLfNEtRPdp2jr6fNcfBXOfJPpzcLvh8DS:MLIPPBjy8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e04c243677dbf98e8d6985e421d950_NEAS

Files

66e04c243677dbf98e8d6985e421d950_NEAS
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ