NEAS[.]16c1ba993b6784f804644dd44279b710[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.16c1ba993b6784f804644dd44279b710.exe
Size

1.1MB
MD5

16c1ba993b6784f804644dd44279b710
SHA1

b75aa86f313709c2962232fbba29229b235b159a
SHA256

82d6eb275d4b34d85b378d01df36dcb17c26749bff85efdc9ebc83fadd257ce1
SHA512

38f256e6745cfb786e23e908811805a2080bc4ec262a940c1f705cf7f9efead9c919141023a9b675e5a6babf49203ee4ccf6da6e4be9691ae93b4296685efadd
SSDEEP

24576:9bosr3u2xbV1b+OoqgUvoPhffHVYn9lqd:tzxbV1HPopff6n9lqd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.16c1ba993b6784f804644dd44279b710.exe

Files

NEAS.16c1ba993b6784f804644dd44279b710.exe
.exe windows:6 windows x86

a55013b0908df187f7a9a2f0f68b8a8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Remove
ImageList_GetIcon
ord17
ImageList_Create
ImageList_ReplaceIcon
InitCommonControlsEx

gdiplus

GdipDrawLine
GdipFree
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetPenDashStyle
GdipCreatePen1
GdipDrawLineI
GdiplusStartup
GdipAlloc
GdipDrawRectangleI
GdiplusShutdown
GdipDeletePen

wininet

InternetReadFile
InternetCloseHandle
InternetOpenW
InternetOpenUrlW
InternetCanonicalizeUrlW

kernel32

FindCloseChangeNotification
LockResource
QueryPerformanceFrequency
DeleteFileW
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
FindResourceExW
ResetEvent
LoadResource
FindResourceW
HeapAlloc
FileTimeToLocalFileTime
GetCurrentDirectoryW
FindNextChangeNotification
DecodePointer
HeapDestroy
GetWindowsDirectoryW
MoveFileExW
GetFileSize
DeleteCriticalSection
ExitProcess
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GlobalMemoryStatusEx
CreateProcessW
SetThreadExecutionState
GetModuleHandleW
CopyFileW
GetTempFileNameW
GetSystemTimeAsFileTime
IsBadReadPtr
SetProcessWorkingSetSize
QueryPerformanceCounter
GetExitCodeProcess
WideCharToMultiByte
SetThreadPriority
GetCurrentThread
SetThreadPriorityBoost
LoadLibraryW
GetCommandLineW
OpenEventW
SetProcessShutdownParameters
GetSystemTime
GetTickCount
SetUnhandledExceptionFilter
GetThreadPriority
LocalFree
VerSetConditionMask
VerifyVersionInfoW
CreateDirectoryW
GetStartupInfoW
ReadFile
SizeofResource
TerminateThread
FileTimeToSystemTime
SetEvent
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
FindClose
LCMapStringW
GetFileType
GetACP
GetStdHandle
GetModuleHandleExW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
RtlUnwind
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
IsDebuggerPresent
GetExitCodeThread
ResumeThread
SuspendThread
Thread32Next
OpenThread
Thread32First
CreateToolhelp32Snapshot
GetCurrentThreadId
IsBadWritePtr
LocalUnlock
LocalLock
LocalAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
CreateMutexW
ReleaseMutex
GetTimeFormatW
GetDateFormatW
OutputDebugStringW
GetLastError
Sleep
MultiByteToWideChar
CreateEventW
HeapSize
OpenProcess
FindFirstChangeNotificationW
ExitThread
GetSystemDirectoryW
GetVersionExW
GetFileAttributesW
WaitForSingleObject
CreateFileW
InitializeCriticalSectionEx
GetTempPathW
WriteConsoleW
SetFilePointer
InitializeCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
TerminateProcess
WriteFile
GetCurrentProcess
EnterCriticalSection
SetPriorityClass
HeapFree
CompareFileTime
SetFileAttributesW
FindNextFileW
FindFirstFileW
SetEndOfFile
GetFileTime
GetLocalTime
FlushFileBuffers
OpenMutexW
FreeLibrary
GetUserDefaultUILanguage
SetProcessAffinityMask
GetProcessAffinityMask
GetProcAddress
GetModuleFileNameW
ProcessIdToSessionId
GetProcessTimes
GetProcessPriorityBoost
SetProcessPriorityBoost
RemoveDirectoryW
MoveFileW
GetVolumeNameForVolumeMountPointW
WinExec
SetLastError
GetPriorityClass

user32

SystemParametersInfoW
ReleaseDC
DialogBoxParamW
BeginPaint
UpdateWindow
InvalidateRect
RegisterWindowMessageW
GetCursorPos
SetForegroundWindow
EndPaint
EnableWindow
LoadImageW
GetKeyState
CallWindowProcW
GetMessageW
LoadAcceleratorsW
DispatchMessageW
TranslateAcceleratorW
TranslateMessage
IsIconic
LoadStringW
SetDlgItemInt
IsWindowEnabled
IsDlgButtonChecked
GetDlgItemInt
GetWindowTextW
EndDialog
SetDlgItemTextW
GetDlgItemTextW
SetDlgItemTextA
GetDlgItem
GetWindowLongW
GetMenuItemInfoW
DefWindowProcW
LoadMenuW
PostMessageW
GetWindowRect
GetMenu
DestroyWindow
GetDC
IsWindowVisible
SetWindowPos
MessageBoxW
FillRect
CreateWindowExW
DeleteMenu
ScreenToClient
SendMessageW
SetWindowTextW
CreatePopupMenu
RegisterClassExW
TrackPopupMenu
GetSubMenu
ShowWindow
SetTimer
RedrawWindow
DestroyIcon
GetWindowInfo
ClientToScreen
SetMenuItemInfoW
TrackMouseEvent
GetSysColor
LoadBitmapW
DestroyMenu
EnableMenuItem
LoadIconW
FindWindowW
LoadCursorW
DrawMenuBar
GetWindowDC
SetWindowLongW
CheckMenuItem
GetClientRect
AppendMenuW
KillTimer
CheckDlgButton
PostQuitMessage
GetWindowThreadProcessId
EnumWindows
GetWindow
SetRect
GetActiveWindow
GetLastActivePopup
MessageBeep
DrawIcon
GetDialogBaseUnits
GetSystemMetrics
DrawTextW
IsWindow
GetClassNameW
GetSystemMenu
MoveWindow
GetParent
WinHelpW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetAsyncKeyState
CreateDialogIndirectParamW
PeekMessageW
IsDialogMessageW
WaitMessage
GetSysColorBrush
SetFocus

gdi32

CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
CreateFontW
DeleteDC
TextOutW
GetTextExtentPoint32W
SetTextColor
SetBkMode
DeleteObject
CreateSolidBrush
CreateFontIndirectW
BitBlt
CreateDCW
SetBkColor

comdlg32

GetSaveFileNameW
ChooseColorW
GetOpenFileNameW

advapi32

AdjustTokenPrivileges
GetUserNameW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
EnumServicesStatusExW
StartServiceW
ControlService
QueryServiceStatus
QueryServiceConfigW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegDeleteKeyW
LookupAccountSidW
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
RegOpenKeyExW
RegDeleteValueW
LookupPrivilegeValueW
RegQueryValueExW

shell32

ShellExecuteExW
Shell_NotifyIconW
ShellExecuteW
DragAcceptFiles
DragFinish
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHGetDesktopFolder
ExtractAssociatedIconW
DragQueryFileW

ole32

CoCreateInstance
CoCreateGuid
CoInitializeSecurity
CoUninitialize
CoInitialize
CoInitializeEx

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

pdh

PdhGetFormattedCounterValue
PdhCollectQueryData
PdhOpenQueryW
PdhAddCounterW
PdhCloseQuery

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shlwapi

SHDeleteKeyW

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 673KB - Virtual size: 673KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a55013b0908df187f7a9a2f0f68b8a8d

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

gdiplus

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

pdh

wtsapi32

version

shlwapi

dbghelp

Sections

.text Size: 673KB - Virtual size: 673KB

.rdata Size: 142KB - Virtual size: 142KB

.data Size: 16KB - Virtual size: 63KB

.gfids Size: 512B - Virtual size: 320B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 249KB - Virtual size: 248KB

.reloc Size: 44KB - Virtual size: 43KB

.text
Size: 673KB - Virtual size: 673KB

.rdata
Size: 142KB - Virtual size: 142KB

.data
Size: 16KB - Virtual size: 63KB

.gfids
Size: 512B - Virtual size: 320B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 249KB - Virtual size: 248KB

.reloc
Size: 44KB - Virtual size: 43KB