NEAS[.]3457b77773b06fd5f3f062201f0fbc60[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3457b77773b06fd5f3f062201f0fbc60.exe
Size

3.3MB
MD5

3457b77773b06fd5f3f062201f0fbc60
SHA1

2613218c1916a490db6799664d57d255cc9606d3
SHA256

ee8f011b6bb214ee847a3a71db805313089d10d4f347d4d0358762c569f2aad9
SHA512

bb30794f07724ef7fed462584902b33ddab75833aee80232927afba2c88f41f6e29ae308e6e86e58aaa56ef7b42bb5d98ef7a9e531b8443a9cf45b310f6724b5
SSDEEP

98304:1+TTSN8Y4+zVGyBZEuT20OX5G5ly4z71WMG2:1+HSNy+5BeuT2NpG5ly4zkMG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3457b77773b06fd5f3f062201f0fbc60.exe

Files

NEAS.3457b77773b06fd5f3f062201f0fbc60.exe
.exe windows:4 windows x86

52b76b6231ea1d5e2852e6d58f9fd0d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetOpenEnumA
WNetCloseEnum

comctl32

ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_Write
ord17
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
_TrackMouseEvent
ImageList_DragLeave

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

LockResource
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
MoveFileA
MulDiv
MultiByteToWideChar
RaiseException
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetEvent
LocalFileTimeToFileTime
SetFilePointer
SetFileTime
SetThreadLocale
SizeofResource
Sleep
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
GetOEMCP
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetLastError
TlsAlloc
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
TerminateProcess
GetVersion
RtlUnwind
LocalAlloc
LoadResource
LoadLibraryExA
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
GlobalUnlock
GlobalLock
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVolumeInformationA
GetVersionExA
GetTimeZoneInformation
GetThreadLocale
GetTempPathA
GetTempFileNameA
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetFullPathNameA
GetFileType
GetFileTime
GetFileSize
GetFileAttributesA
GetExitCodeThread
GetDriveTypeA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentDirectoryA
GetCPInfo
GetACP
FreeResource
FreeLibrary
FormatMessageA
FindResourceA
FindNextFileA
FindNextChangeNotification
FindFirstFileA
FindFirstChangeNotificationA
FindCloseChangeNotification
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitThread
ExitProcess
EnumCalendarInfoA
DosDateTimeToFileTime
DeleteFileA
DeleteCriticalSection
CreateThread
CreateMutexA
CreateFileA
CreateEventA
CreateDirectoryA
CompareStringA
GetStartupInfoA
GetLocalTime
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
GetProcessHeap
HeapAlloc
CloseHandle
HeapFree
SetFileAttributesA

user32

OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WaitMessage
WindowFromPoint
VkKeyScanA
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsChild
IsCharAlphaNumericA
IsCharAlphaA
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
GetWindowTextA
GetWindowRect
OffsetRect
GetWindowLongW
GetWindowLongA
GetWindowDC
GetSystemMetrics
GetSystemMenu
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetMessagePos
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetLastActivePopup
GetKeyState
GetKeyNameTextA
GetKeyboardType
GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDesktopWindow
GetDCEx
GetCursorPos
GetClipboardData
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExA
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExA
DrawTextA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
ActivateKeyboardLayout
AdjustWindowRectEx
BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcA
CharLowerA
OemToCharA
MsgWaitForMultipleObjects
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyA
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
GetWindowPlacement
KillTimer
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
CopyImage
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffA
CharToOemA
CharNextA
CharLowerBuffA
GetSysColorBrush

gdi32

CreatePalette
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
ExcludeClipRect
ExtCreateRegion
ExtTextOutA
GdiFlush
CreateBitmap
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentPositionEx
GetDCOrgEx
GetDeviceCaps
GetDIBColorTable
GetDIBits
CreateHalftonePalette
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
CreateFontIndirectA
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextExtentPointA
GetTextMetricsA
GetWindowOrgEx
GetWinMetaFileBits
IntersectClipRect
LineTo
MaskBlt
MoveToEx
PatBlt
PlayEnhMetaFile
Polyline
RealizePalette
Rectangle
RectVisible
RestoreDC
SaveDC
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBitsToDevice
SetEnhMetaFileBits
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
SetWinMetaFileBits
StretchBlt
UnrealizeObject
CreateDIBSection
CreateDIBitmap
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
CopyEnhMetaFileA
CombineRgn
GetEnhMetaFileBits
BitBlt
CreateBrushIndirect

advapi32

RegOpenKeyExA
RegFlushKey
RegCloseKey
OpenProcessToken
GetTokenInformation
IsValidSid
GetLengthSid
CopySid
RegQueryValueExA

ole32

CoCreateInstance
CoUninitialize
OleInitialize
OleUninitialize
CoInitialize
CoTaskMemAlloc

oleaut32

VariantCopy
VariantClear
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
GetErrorInfo
VariantInit

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cdata2
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.btls1
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

fo108
Size: 799KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52b76b6231ea1d5e2852e6d58f9fd0d9

Headers

File Characteristics

Imports

mpr

comctl32

version

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.cdata2 Size: 16KB - Virtual size: 12KB

.data Size: 12KB - Virtual size: 4.0MB

.btls1 Size: 8KB - Virtual size: 4KB

.rsrc Size: 168KB - Virtual size: 164KB

fo108 Size: 799KB - Virtual size: 800KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.cdata2
Size: 16KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 4.0MB

.btls1
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 168KB - Virtual size: 164KB

fo108
Size: 799KB - Virtual size: 800KB