NEAS[.]2fa0ada55fc6ca8518b4cd1f15497550[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.2fa0ada55fc6ca8518b4cd1f15497550.exe
Size

153KB
MD5

2fa0ada55fc6ca8518b4cd1f15497550
SHA1

0ddaf5a9b85bc130c91bd7ed45f66efbb4f25d73
SHA256

1d1c2182bbe3fce5d2eaf2a0777316ce367eb576e7e6fec6474628ae05ea5fc2
SHA512

938f8a89b0e497b65daba444f3d69a126ab63ccbf464d6914fae7c71afdd71479ce9403cd88a3944edf2f66e6b52639237c3ae4433ba0a5ed10a437044763334
SSDEEP

3072:r9qjlpVNyo6En33QC5XbdktNMsBMpgWG34TVDOJ:r9qjVN1jnHQydk49qYDOJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2fa0ada55fc6ca8518b4cd1f15497550.exe

Files

NEAS.2fa0ada55fc6ca8518b4cd1f15497550.exe
.exe windows:4 windows x86

7b4d6cd9f83663684ade0975e36cab56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenStorage
CreateBindCtx
CoGetObjectContext
CoGetMalloc
PropVariantClear
OleRegGetUserType
CoReleaseMarshalData
WriteClassStm
CreateBindCtx
CoCreateFreeThreadedMarshaler
CoGetObjectContext
CoDisconnectObject
ReleaseStgMedium
OleRegGetUserType
CoReleaseMarshalData
CreateStreamOnHGlobal
MkParseDisplayName
CoFreeUnusedLibraries
CLSIDFromString
CreateOleAdviseHolder
CoDisconnectObject
CoGetMalloc
CoRevokeClassObject
CLSIDFromProgID
CoReleaseMarshalData
CreateStreamOnHGlobal
CLSIDFromProgID

shell32

SHGetDesktopFolder

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
FindTextA

advapi32

GetLengthSid

gdi32

CreateCompatibleDC
GetPaletteEntries
SelectPalette
CreateBrushIndirect
SaveDC
SelectObject
GetDIBits
CreateDIBitmap
RestoreDC

msvcrt

tolower
memset
rand
malloc
clock
atol
memcpy
exit
sqrt
memcpy
rand
atol
srand
exit
_acmdln
wcstol
memmove
swprintf
wcsncmp
memset
wcschr
srand
sprintf
tolower
calloc
memmove
rand
mbstowcs
memcpy
exit
wcstol

version

VerFindFileA
VerQueryValueA

user32

GetSubMenu
GetDC
GetActiveWindow
EnumWindows
RegisterClassA
IsWindowEnabled
SystemParametersInfoA
DefFrameProcA
DrawEdge
GetClientRect
EnableWindow
BeginDeferWindowPos
GetFocus
GetMenuItemCount
GetScrollRange
GetClipboardData
SetWindowPos
IsWindowVisible
GetClassInfoA

kernel32

FormatMessageA
HeapFree
GetModuleHandleA
GetOEMCP
VirtualAllocEx
LoadLibraryA
LockResource
CompareStringA
LocalAlloc
ExitProcess
RaiseException
GetLastError
GetFullPathNameA
LocalReAlloc
LoadLibraryExA

shlwapi

PathIsDirectoryA
SHEnumValueA
SHStrDupA
SHQueryInfoKeyA
SHQueryValueExA
SHGetValueA
SHDeleteValueA
SHDeleteKeyA
SHSetValueA
PathIsContentTypeA

Sections

INIT
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 5KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b4d6cd9f83663684ade0975e36cab56

Headers

File Characteristics

Imports

ole32

shell32

comdlg32

advapi32

gdi32

msvcrt

version

user32

kernel32

shlwapi

Sections

INIT Size: 26KB - Virtual size: 26KB

DATA Size: 116KB - Virtual size: 116KB

BSS Size: 5KB - Virtual size: 113KB

.init Size: 1KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 1KB

INIT
Size: 26KB - Virtual size: 26KB

DATA
Size: 116KB - Virtual size: 116KB

BSS
Size: 5KB - Virtual size: 113KB

.init
Size: 1KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB