NEAS[.]768c38e998f1310fd3c7018bf265fa70[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.768c38e998f1310fd3c7018bf265fa70.exe
Size

378KB
MD5

768c38e998f1310fd3c7018bf265fa70
SHA1

857d6fe0e743bf9c606c0192db2d300d77a1b8e2
SHA256

125824b5874ed63ea8bf47b1ed22f5d0d07ba6209adea4b8b5a0620ba254964a
SHA512

4118b7f690a8604dd46b2521d2ac9f6b86f370ba726c1b5ed3f863b813f30613959d95fd54986c122cddaad100bd932333036b85295da5d71eec8478f0af3aaf
SSDEEP

6144:HCunN6kXZ1UIjijA1aO/g9BWjJvIzNQtwXW8eKcjvY+JzDWBSbnozdUkxV:HCA8AUIjuYjJvIzNQPnvY+9Dbozy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.768c38e998f1310fd3c7018bf265fa70.exe

Files

NEAS.768c38e998f1310fd3c7018bf265fa70.exe
.exe windows:4 windows x86

33e01a3c294a782ee3957db4bfc66233

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
VerifyVersionInfoW
FindResourceExW
CreateFileMappingW
GetLocaleInfoW
UnmapViewOfFile
GetVersionExW
WaitForSingleObject
GetVersionExA
FreeLibrary
SetUnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualAlloc
VirtualFree
HeapAlloc
GetProcessHeap
CreateEventW
CreateThread
CloseHandle
SetEvent
LocalAlloc
FindResourceW
GlobalAlloc
GlobalLock
GlobalUnlock
RaiseException
GetCurrentProcess
FlushInstructionCache
lstrcmpW
MultiByteToWideChar
GetFileAttributesW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLastError
DisableThreadLibraryCalls
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
CreateFileA
lstrcmpiA
lstrcatA
OpenThread
GetCurrentProcessId
GetCalendarInfoA
FormatMessageW
DeleteCriticalSection
InitializeCriticalSection
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
CreateFileW
TlsFree
TlsAlloc
UnhandledExceptionFilter
SearchPathW
OutputDebugStringA
GlobalFree
ExpandEnvironmentStringsA
OutputDebugStringW
WideCharToMultiByte
GetComputerNameW
lstrcmpiW
CompareStringW
MulDiv
SetLastError
lstrlenW
ReleaseSemaphore
CreateSemaphoreW
GetSystemWindowsDirectoryW
CreateActCtxW
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
LocalFree
FormatMessageA

user32

KillTimer
SetTimer
EnableWindow
IsWindowEnabled
GetWindowTextW
LoadStringW
LoadIconW
GetWindowTextLengthW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
GetWindowLongW
SetWindowLongW
GetDC
ReleaseDC
InvalidateRect
RedrawWindow
SetCapture
IsChild
GetParent
CheckDlgButton
ScreenToClient
SetCursor
SystemParametersInfoW
DestroyIcon
GetClassInfoW
DefDlgProcW
RegisterClassW
SetRect
FindWindowExW
GetWindowThreadProcessId
GetDlgItemInt
CheckRadioButton
GetWindowRect
LoadCursorW
SetDlgItemTextW
IsCharAlphaA
IsWindow
GetDesktopWindow
FillRect
GetFocus
GetWindow
SetFocus
CallWindowProcW
DestroyWindow
ReleaseCapture
GetDlgItem
LoadImageW
MsgWaitForMultipleObjects
GetSubMenu
GetMenuItemCount
EnableMenuItem
GetActiveWindow
GetKeyState
GetWindowDC
RegisterClipboardFormatW
IsDlgButtonChecked
MapWindowPoints
CreatePopupMenu
TrackPopupMenu
DestroyMenu
GetSysColor
EndPaint
DefWindowProcW
GetClientRect
IsWindowVisible
MsgWaitForMultipleObjectsEx
SetWindowTextW
wsprintfW
GetSystemMetrics
CreateWindowExW
BeginPaint

advapi32

GetLengthSid
AllocateAndInitializeSid
CloseServiceHandle
ConvertStringSidToSidW
RegOpenKeyExA
CopySid
ImpersonateLoggedOnUser
RevertToSelf
OpenSCManagerW
FreeSid
IsValidSid
GetSidSubAuthorityCount
GetSidLengthRequired
RegCreateKeyExW
RegConnectRegistryW
RegEnumKeyExW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegDeleteKeyW
RegEnumValueW
EqualSid
LookupAccountNameW
LookupAccountSidW

ole32

CoTaskMemFree
StringFromCLSID
CLSIDFromProgID
CLSIDFromString
OleLockRunning
CreateStreamOnHGlobal
OleInitialize
CoTaskMemAlloc
CoUninitialize
CoInitialize
StgCreateDocfileOnILockBytes
StringFromGUID2
OleUninitialize

msvcrt

wcspbrk
memset
memmove
wcschr
wcsncmp
free
bsearch
iswspace
wcstoul
wcsspn
towlower
wcsstr
wcsrchr
malloc
towupper

secur32

TranslateNameW
FreeContextBuffer

shlwapi

StrTrimW
PathRemoveFileSpecW

Sections

.text
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33e01a3c294a782ee3957db4bfc66233

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

secur32

shlwapi

Sections

.text Size: 360KB - Virtual size: 359KB

.data Size: 1024B - Virtual size: 297KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 360KB - Virtual size: 359KB

.data
Size: 1024B - Virtual size: 297KB

.rsrc
Size: 16KB - Virtual size: 15KB