NEAS[.]48364d8a9f9b23867c523246cc7a1990[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.48364d8a9f9b23867c523246cc7a1990.exe
Size

1.8MB
MD5

48364d8a9f9b23867c523246cc7a1990
SHA1

e7db9da51904b1eb69d1ec3cd1c4e0d915dde3b2
SHA256

48a2459d7e30e95f1d618ff537c0c34f68542da0c9b9f518d7f908738dc5051e
SHA512

0b650e09c5294a2d182cb9fd29b267f4929e9f5be5b433243ea4214ee02a17cb52a6c18a05ced07231fe6bb0d63dfdaf8d1e8af3dc5fa83fdc7aabd8c5d53b2d
SSDEEP

49152:vQ/YkliGM/vIdVYgAzkmmAzcTNm8mTmtlB2WP:vuYUdVPUTmjTJtX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.48364d8a9f9b23867c523246cc7a1990.exe

Files

NEAS.48364d8a9f9b23867c523246cc7a1990.exe
.exe windows:5 windows x86

89ad456de5f4c9581e6da8e139f04c4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsDirectoryA
StrChrA

comctl32

InitCommonControlsEx

psapi

GetProcessMemoryInfo

kernel32

GetTickCount
FindFirstFileW
LocalAlloc
IsValidCodePage
CompareStringA
CompareStringW
GetVersion
GetThreadLocale
GetACP
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetTimeZoneInformation
SetEndOfFile
GetFullPathNameA
SetFilePointer
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringA
GetTempPathW
LCMapStringW
GetOEMCP
GetCPInfo
GetConsoleMode
GetConsoleCP
HeapSize
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetStdHandle
ExitProcess
Sleep
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
PeekNamedPipe
GetFileInformationByHandle
MoveFileA
GetDriveTypeA
GetStartupInfoA
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
HeapReAlloc
GetSystemTimeAsFileTime
GetFileType
SetStdHandle
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
GetTempFileNameW
CopyFileW
MulDiv
CreateFileW
GetFileSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetCurrentDirectoryA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetLongPathNameA
DeleteFileA
GetTempPathA
LoadLibraryExA
SetLastError
IsDBCSLeadByte
lstrcmpiA
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
GetLastError
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
GetFileAttributesA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetProcAddress
FreeLibrary
LoadLibraryA
GetDateFormatW
GetTimeFormatW
GetCurrentThreadId
lstrlenW
ReadFile
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
GetUserDefaultLangID
CreateDirectoryA
SizeofResource
LoadResource
IsProcessorFeaturePresent
HeapAlloc
FindNextFileA
FindResourceA
GetModuleFileNameA
FindFirstFileA
FindClose
GetVersionExA
GetComputerNameA
lstrlenA
CloseHandle
WriteFile
CreateFileA
GetLocaleInfoA
SetEnvironmentVariableA
FlushFileBuffers
GetProcessHeap
HeapFree
InterlockedCompareExchange

user32

MapWindowPoints
UnregisterClassA
MessageBoxA
GetWindowLongA
GetParent
GetWindowRect
SetWindowPos
IsWindowEnabled
IsWindowVisible
IsIconic
ScreenToClient
InvalidateRect
ShowWindow
IsWindow
CallWindowProcA
SetWindowLongA
RemovePropA
GetPropA
GetSystemMetrics
EnableWindow
IsZoomed
GetClientRect
wsprintfW
SetPropA
GetWindowDC
ReleaseDC
GetSysColorBrush
DrawTextW
GetSysColor
wsprintfA
LoadIconA
CheckDlgButton
GetActiveWindow
DialogBoxParamA
IsDlgButtonChecked
GetWindow
MonitorFromWindow
GetMonitorInfoA
CreatePopupMenu
AppendMenuA
EnableMenuItem
ClientToScreen
TrackPopupMenu
DestroyMenu
SendMessageA
GetWindowTextLengthA
GetWindowTextA
EndDialog
CharNextA
GetDlgItem
SetWindowTextA
UpdateWindow
LoadCursorA
SetCursor
CreateWindowExA
SetWindowRgn

gdi32

SetMetaFileBitsEx
CreateBitmapIndirect
GetObjectA
GetDIBits
GetCurrentObject
CreateEnhMetaFileA
CloseEnhMetaFile
GetEnhMetaFileBits
CreateCompatibleBitmap
CreateCompatibleDC
DeleteEnhMetaFile
GetMapMode
SetMapMode
LPtoDP
DPtoLP
CreateDCA
DeleteObject
DeleteDC
GetDeviceCaps
CreateFontIndirectW
SelectObject
CreateRectRgn
CreateRectRgnIndirect
SetRectRgn
CombineRgn

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyExW
GetUserNameA
RegCloseKey
RegQueryValueExW
RegDeleteValueA
RegDeleteKeyA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA

shell32

DragFinish
SHGetSpecialFolderPathA
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
DragQueryFileA

ole32

StgCreateDocfile
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
StringFromGUID2
StgCreateDocfileOnILockBytes
CLSIDFromString
StgOpenStorageOnILockBytes
CoCreateGuid
CoGetMalloc
StgOpenStorage
StringFromCLSID
PropVariantClear
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CLSIDFromProgID

oleaut32

VariantClear
SafeArrayUnaccessData
OleCreatePictureIndirect
SysAllocStringByteLen
VarUI4FromStr
VarBstrCat
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VarDateFromStr
SysAllocString
SysAllocStringLen
SafeArrayCreate
SafeArrayPutElement
VariantInit
VariantChangeType
VariantCopyInd
VariantCopy
SafeArrayAccessData
SafeArrayRedim
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SysFreeString

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 259KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89ad456de5f4c9581e6da8e139f04c4a

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

comctl32

psapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 235KB - Virtual size: 234KB

.data Size: 259KB - Virtual size: 273KB

.rsrc Size: 79KB - Virtual size: 78KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 235KB - Virtual size: 234KB

.data
Size: 259KB - Virtual size: 273KB

.rsrc
Size: 79KB - Virtual size: 78KB