NEAS[.]37079221246bd8f31604cf45530108c0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.37079221246bd8f31604cf45530108c0.exe
Size

41KB
MD5

37079221246bd8f31604cf45530108c0
SHA1

dc8fe555d974c11b7d42d2636547d2bb45762e3b
SHA256

c0d7a797a9b378158703282bb006808a5bb67ea9026163a3c1f80e149bd1ae3e
SHA512

542fe3b53b80f532267b45f7c2a18e84ee3081d17b3deef291f24dfc7ee4420f68b80bbe064aa8dda9b3794352a0cdb4ba8b6059a0fc8767d639f5c9459d1eea
SSDEEP

768:LTV4yr11mAUCfgC/zNbCri5IoZSAzcwf3MveTdX9y2YJ+2j:L54e11BUegC/ZbCu5IoZSAzcwf3MveTu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.37079221246bd8f31604cf45530108c0.exe

Files

NEAS.37079221246bd8f31604cf45530108c0.exe
.exe windows:4 windows x86

f0d3ac87f80692f29f7ae47386f77d39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

odbc32

SQLColAttributeW
SQLColAttributes
SQLColAttributesA
SQLColAttributesW
SQLColumnPrivileges
SQLColumnPrivilegesA
SQLColumnPrivilegesW
SQLColumns
SQLColumnsA
SQLColumnsW
SQLConnect
SQLConnectA
SQLConnectW
SQLCopyDesc
SQLDataSources
SQLDataSourcesA
SQLDataSourcesW
SQLColAttributeW
SQLColAttributes
SQLColAttributesA
SQLColAttributesW
SQLColumnPrivileges
SQLColumnPrivilegesA
SQLColumnPrivilegesW
SQLColumns
SQLColumnsA
SQLColumnsW
SQLConnect
SQLConnectA
SQLConnectW
SQLCopyDesc
SQLDataSources
SQLDataSourcesA
SQLDataSourcesW
SQLColAttributeW
SQLColAttributes
SQLColAttributesA
SQLColAttributesW
SQLColumnPrivileges
SQLColumnPrivilegesA
SQLColumnPrivilegesW
SQLColumns
SQLColumnsA
SQLColumnsW
SQLConnect
SQLConnectA
SQLConnectW
SQLCopyDesc
SQLDataSources
SQLDataSourcesA
SQLDataSourcesW
SQLColAttributeW
SQLColAttributes
SQLColAttributesA
SQLColAttributesW
SQLColumnPrivileges
SQLColumnPrivilegesA
SQLColumnPrivilegesW
SQLColumns
SQLColumnsA
SQLColumnsW
SQLConnect
SQLConnectA
SQLConnectW
SQLCopyDesc
SQLDataSources
SQLDataSourcesA
SQLDataSourcesW

onex

OneXAddEapAttributes
OneXAddTLV

msvcrt

fread
fopen

msdart

??1CCritSec@@QAE@XZ
??1CCritSec@@QAE@XZ
??1CCritSec@@QAE@XZ
??1CCritSec@@QAE@XZ
??1CCritSec@@QAE@XZ
??1CCritSec@@QAE@XZ
??1CCritSec@@QAE@XZ
??1CCritSec@@QAE@XZ
??1CCritSec@@QAE@XZ
??1CCritSec@@QAE@XZ

kernel32

QueryDosDeviceA
GetVersionExW
ReadConsoleA
EnumCalendarInfoW
GetACP
LocalFlags
LockResource
LocalCompact
GetWindowsDirectoryA

msacm32

acmFilterEnumW
acmFormatTagDetailsW
acmStreamPrepareHeader
acmStreamUnprepareHeader
acmDriverMessage
acmFilterDetailsW

perfctrs

CloseDhcpPerformanceData

mfcsubs

??0CString@@QAE@XZ

mscms

AssociateColorProfileWithDeviceA
AssociateColorProfileWithDeviceW
CheckBitmapBits
CheckColors
CloseColorProfile
ConvertColorNameToIndex
ConvertIndexToColorName
CreateColorTransformA
CreateColorTransformW
CreateDeviceLinkProfile
CreateMultiProfileTransform
CreateProfileFromLogColorSpaceA
CreateProfileFromLogColorSpaceW
DeleteColorTransform
AssociateColorProfileWithDeviceA
AssociateColorProfileWithDeviceW
CheckBitmapBits
CheckColors
CloseColorProfile
ConvertColorNameToIndex
ConvertIndexToColorName
CreateColorTransformA
CreateColorTransformW
CreateDeviceLinkProfile
CreateMultiProfileTransform
CreateProfileFromLogColorSpaceA
CreateProfileFromLogColorSpaceW
DeleteColorTransform

aclui

CreateSecurityPage
EditSecurity

Sections

code
Size: 1KB - Virtual size: 10KB

IMAGE_SCN_MEM_WRITE

DATA
Size: 10KB - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RDATA
Size: 512B - Virtual size: 496B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0d3ac87f80692f29f7ae47386f77d39

Headers

File Characteristics

Imports

odbc32

onex

msvcrt

msdart

kernel32

msacm32

perfctrs

mfcsubs

mscms

aclui

Sections

code Size: 1KB - Virtual size: 10KB

DATA Size: 10KB - Virtual size: 84KB

.rsrc Size: 26KB - Virtual size: 28KB

.reloc Size: 512B - Virtual size: 4KB

.RDATA Size: 512B - Virtual size: 496B

code
Size: 1KB - Virtual size: 10KB

DATA
Size: 10KB - Virtual size: 84KB

.rsrc
Size: 26KB - Virtual size: 28KB

.reloc
Size: 512B - Virtual size: 4KB

.RDATA
Size: 512B - Virtual size: 496B