NEAS[.]17c96e2e9af5eef24e240950caee55f0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.17c96e2e9af5eef24e240950caee55f0.exe
Size

164KB
MD5

17c96e2e9af5eef24e240950caee55f0
SHA1

bc7c841925691a75d53039f53216202468858113
SHA256

1b9a4e1c2dda3349be5d7d2174e306b83a8ca4da5d18f289a7d606ef403ec009
SHA512

edd346f78c5198fad6cdb6154038d843a2308b11645b552b29d9ea85f8494fe8da4fef0a80563fc4fb6a8aeaa458d83485b47d3d64b7fa3a5d3a86f29dab14ec
SSDEEP

1536:DuCO8h1GtnV/J9L9VokULzTlIwXLttUEGHivdMxnz51eZot9oBOttKC3UnLXeiRq:D/wd9ixLttCkMzZ9kObKFLXeiRq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.17c96e2e9af5eef24e240950caee55f0.exe

Files

NEAS.17c96e2e9af5eef24e240950caee55f0.exe
.exe windows:4 windows x86

b30c2c7daaab1de05118429928e3359d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

kernel32

GetConsoleOutputCP
WriteConsoleA
GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetWindowsDirectoryA
GetPrivateProfileStringA
GetModuleFileNameA
GetTempPathA
GetLastError
lstrlenA
LocalAlloc
LocalFree
DeleteFileA
SetFileAttributesA
WriteConsoleW
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
FindClose
FindNextFileA
FindFirstFileA
CreateFileA
CreateDirectoryA
RemoveDirectoryA
SetEnvironmentVariableA
GetEnvironmentVariableA
Sleep
CreateSemaphoreA
SetEndOfFile
CompareStringA
CompareStringW
GetFileAttributesA
TlsGetValue
GetLocaleInfoA
RaiseException
RtlUnwind
GetLocalTime
WideCharToMultiByte
GetTimeZoneInformation
HeapFree
HeapReAlloc
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
ExitProcess
WriteFile
MultiByteToWideChar
ReadFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
LoadLibraryA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b30c2c7daaab1de05118429928e3359d

Headers

File Characteristics

Imports

setupapi

kernel32

advapi32

shell32

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 68KB - Virtual size: 74KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 68KB - Virtual size: 74KB

.rsrc
Size: 4KB - Virtual size: 1KB