NEAS[.]1c03cd5ff39e3d52f85db551f1eab4b0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1c03cd5ff39e3d52f85db551f1eab4b0.exe
Size

77KB
MD5

1c03cd5ff39e3d52f85db551f1eab4b0
SHA1

13b542440fca359b1acba3c1714d5afccabbcf28
SHA256

7df1502c49d7388e52fc8f54d1baad4906a07c5718f21369603569726c6a763e
SHA512

101b12deda1591f1e650f651340fdcc0dd1503b609d692404672979de0c040158e05818c688ec78224945b4cd462fc1fc85058a82c7a8616276ac0b44c50edc8
SSDEEP

768:Yt0F8C6L00VVQiARQnh36RLDoLIWtkyABJOVdL2Dx8yhQ1Q1oF:Y+FPd3Wnh36RLcIW6yABJOPLiRuF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1c03cd5ff39e3d52f85db551f1eab4b0.exe

Files

NEAS.1c03cd5ff39e3d52f85db551f1eab4b0.exe
.dll windows:4 windows x86

f42d0f4a81dc395047af13f436ff460e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_amsg_exit
_initterm
_iob
_lock
_unlock
abort
calloc
free
fwrite
memset
realloc
strlen
strncmp
vfprintf

ws2_32

WSAConnect
WSASocketA
WSAStartup
htons
inet_addr

Exports

Exports

Sock
Winsock
hax
ini_processo
processo_info
wsaData

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 704B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 512B - Virtual size: 245B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/94
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/110
Size: 512B - Virtual size: 350B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f42d0f4a81dc395047af13f436ff460e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ws2_32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 40B

.rdata Size: 1024B - Virtual size: 892B

/4 Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 704B

.edata Size: 512B - Virtual size: 168B

.idata Size: 1024B - Virtual size: 1000B

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 8B

.reloc Size: 1024B - Virtual size: 528B

/14 Size: 512B - Virtual size: 440B

/29 Size: 25KB - Virtual size: 24KB

/41 Size: 5KB - Virtual size: 5KB

/55 Size: 5KB - Virtual size: 5KB

/67 Size: 512B - Virtual size: 245B

/78 Size: 2KB - Virtual size: 2KB

/94 Size: 3KB - Virtual size: 2KB

/110 Size: 512B - Virtual size: 350B

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 40B

.rdata
Size: 1024B - Virtual size: 892B

/4
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 704B

.edata
Size: 512B - Virtual size: 168B

.idata
Size: 1024B - Virtual size: 1000B

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 8B

.reloc
Size: 1024B - Virtual size: 528B

/14
Size: 512B - Virtual size: 440B

/29
Size: 25KB - Virtual size: 24KB

/41
Size: 5KB - Virtual size: 5KB

/55
Size: 5KB - Virtual size: 5KB

/67
Size: 512B - Virtual size: 245B

/78
Size: 2KB - Virtual size: 2KB

/94
Size: 3KB - Virtual size: 2KB

/110
Size: 512B - Virtual size: 350B