NEAS[.]1761dc24472c81f7e62e9a5cf6b0c230[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1761dc24472c81f7e62e9a5cf6b0c230.exe
Size

204KB
MD5

1761dc24472c81f7e62e9a5cf6b0c230
SHA1

c0b8a4ae0af3ee766033f5c5681e526bd251104a
SHA256

d23114d5dc99796100e84a0aa5a4b01f6564681a291bb821f9aca27a1dd9618f
SHA512

1cae575a350812e0df85a785257dacf2a30178580af6277cbedbacb815e75c36e514b0f8c56350d46c2e553480f8a9a1cb2196a33606ccf5e5b025ffe183c88c
SSDEEP

3072:bRI5CZlzWgMQ0oMX7y3xXr7eSZQ6hUorCmO53C4LdFF4ouxSZu:NI56BWgMQ0oMX7y3985HJLZu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1761dc24472c81f7e62e9a5cf6b0c230.exe

Files

NEAS.1761dc24472c81f7e62e9a5cf6b0c230.exe
.exe windows:4 windows x86

e5b6d4b3669c9e012641b72f45b5a51d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
FormatMessageA
GetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
FindClose
SetFilePointer
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
lstrcpynA
CreateProcessA
WaitForSingleObject
Sleep
lstrcmpiA
FreeLibrary
LoadLibraryA
GetProcAddress
lstrcmpA
GetTickCount
DeleteFileA
WriteFile
CreateFileA
CloseHandle
lstrcatA
MultiByteToWideChar
lstrlenA
GetVersionExA
CopyFileA
ReadFile
GetModuleFileNameA
lstrcpyA
WideCharToMultiByte
GetLocalTime

gdi32

CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetObjectA
CreateFontIndirectA
SetTextColor
SetBkMode
GetStockObject
DeleteObject
CreateSolidBrush
GetTextExtentPoint32A

user32

UpdateWindow
PostMessageA
SetKeyboardState
CreateDialogParamA
CreateWindowExA
RegisterClassExA
LoadImageA
GetSystemMetrics
SetWindowPos
LoadIconA
MessageBoxA
MessageBeep
DialogBoxParamA
GetDesktopWindow
IsIconic
SetForegroundWindow
ShowWindow
IsWindowVisible
FindWindowExA
DefWindowProcA
PostQuitMessage
LoadStringA
WinHelpA
IsDlgButtonChecked
EnableWindow
SetDlgItemTextA
GetWindowRect
DestroyWindow
CheckDlgButton
DestroyMenu
GetMenuItemCount
TrackPopupMenu
GetCursorPos
AppendMenuA
CreatePopupMenu
SetFocus
EnableMenuItem
GetKeyboardLayoutNameA
UnhookWindowsHookEx
SetWindowsHookExA
SetTimer
CheckMenuItem
GetSysColor
GetMenu
DestroyIcon
KillTimer
GetWindowTextA
SetWindowLongA
GetWindowLongA
EndDialog
SetCursor
InvalidateRect
GetDlgItemTextA
ChildWindowFromPoint
CallWindowProcA
CallNextHookEx
IsChild
GetForegroundWindow
BringWindowToTop
GetWindowPlacement
GetDlgItemInt
ReleaseCapture
SetCapture
WindowFromPoint
ClientToScreen
GetClientRect
SetDlgItemInt
GetMenuItemRect
MoveWindow
EndPaint
BeginPaint
RegisterClassA
ReleaseDC
GetDC
GetKeyboardState
keybd_event
MessageBoxIndirectA
DeleteMenu
SetMenuItemInfoA
InsertMenuItemA
GetSubMenu
GetMenuItemInfoA
OffsetRect
CopyRect
wvsprintfA
EnumWindows
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SendMessageA
LoadAcceleratorsA
GetMessageA
wsprintfA
SetWindowTextA
GetFocus
GetParent
GetDlgItem
GetKeyState
DispatchMessageA
TranslateMessage
IsDialogMessageA
TranslateAcceleratorA
LoadCursorA

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

comctl32

InitCommonControlsEx

shell32

Shell_NotifyIconA
ShellExecuteA

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e5b6d4b3669c9e012641b72f45b5a51d

Headers

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

comdlg32

comctl32

shell32

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 40KB - Virtual size: 49KB

.rsrc Size: 48KB - Virtual size: 158KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 40KB - Virtual size: 49KB

.rsrc
Size: 48KB - Virtual size: 158KB