NEAS[.]4636f787ded435805fe308ba054893f0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.4636f787ded435805fe308ba054893f0.exe
Size

305KB
MD5

4636f787ded435805fe308ba054893f0
SHA1

daff7cbc27c7eb987b71814c8671db169077e437
SHA256

00290bb300599a5bcf565453726c47a5430dfb6a9e5d88eab9a1f8464544e15e
SHA512

d42d4093f4f1c165cc5f991ba00cb76df16374350e1f2717ef8cad6ba986b80614ea86496e7d472d3f1213775ef535a984a50c567a6ae21b6cd7f1e275a12448
SSDEEP

6144:nRA8OLSiFp6aI3ocYHBbdVKPKTUcvtFa10eaLT/gs33dkBUw61e2rFZqqDLuvsMB:RlxiFp3I3mBIEUcva102AtkBUzDreqnw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4636f787ded435805fe308ba054893f0.exe

Files

NEAS.4636f787ded435805fe308ba054893f0.exe
.exe windows:4 windows x86

3476f14f247777c5d8c9f11b005bde6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetTempPathA
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
CreateDirectoryA
MoveFileA
SetThreadPriority
WaitForSingleObject
GetTimeZoneInformation
GetModuleFileNameA
WaitForMultipleObjects
GetProcAddress
LeaveCriticalSection
CreateThread
GetVersionExA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
DeleteFileA
GetFileSize
CreateFileA
Sleep
SetEndOfFile
FlushFileBuffers
WriteFile
ReadFile
SetFilePointer
GetLastError
GetModuleHandleA
CloseHandle
SetStdHandle
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
LoadLibraryA
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
GetCurrentDirectoryA
GetFullPathNameA
GetFileType
SetHandleCount
SetEnvironmentVariableA
RaiseException
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
HeapAlloc
HeapFree
HeapReAlloc
RtlUnwind
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
ExitThread
GetCurrentThreadId
FindNextFileA
ExitProcess
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetProcessHeap
GetStartupInfoA
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetStdHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc

user32

FindWindowA
SendMessageA
RegisterClassA
DestroyWindow
PostThreadMessageA
DefWindowProcA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenServiceA
DeleteService
RegOpenKeyExA
RegDeleteValueA
OpenSCManagerA
CloseServiceHandle
CreateServiceA
RegCreateKeyExA
RegSetValueExA
ControlService
QueryServiceStatus
SetServiceStatus
StartServiceA

shell32

ShellExecuteExA

ole32

CoInitialize
CoCreateInstance

oleaut32

SysAllocString
SysFreeString

wsock32

select
recvfrom
ntohs
ioctlsocket
WSAGetLastError
sendto
gethostname
gethostbyname
inet_addr
recv
send
connect
inet_ntoa
socket
closesocket
ntohl
getsockname
htonl
listen
shutdown
accept
WSACleanup
WSAStartup
htons
bind

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3476f14f247777c5d8c9f11b005bde6e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wsock32

Sections

.text Size: 235KB - Virtual size: 235KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 19KB - Virtual size: 33KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 235KB - Virtual size: 235KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 19KB - Virtual size: 33KB

.rsrc
Size: 21KB - Virtual size: 20KB