NEAS[.]3bf9febd5cf104d693e8bcbadbc135a0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.3bf9febd5cf104d693e8bcbadbc135a0.exe
Size

515KB
MD5

3bf9febd5cf104d693e8bcbadbc135a0
SHA1

db9df4f4b0b48c671c031d1def0fa2d706e4862b
SHA256

23e1ceda5a7a4cbc1ed8781702568ab9e4520a751b4d522d3f448ba7ca17437b
SHA512

797ff72cc4783399008a8c5f7f5873b74acf0f20ff2df25e8c74ba208e948a0d111617891c8d9b183499a1cf42e88624a7f30c8e96fbfec2598b85185312a133
SSDEEP

6144:FgmsOCvSvmwiNl2fO9IGTtxQShmWXGbW2wJmlliFRjGk/IlyjI6tH+WA8CxL01/Q:Gaewm/3hmCSlSRjIFWkdQ1ytnz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3bf9febd5cf104d693e8bcbadbc135a0.exe

Files

NEAS.3bf9febd5cf104d693e8bcbadbc135a0.exe
.dll windows:6 windows x86

13966d111042d4cc8d4c8a56c5cc5e79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetTimeZoneInformation
GetLocalTime
CreatePipe
EnumResourceTypesW
TlsAlloc
TlsFree
ExitThread
CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
HeapReAlloc
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
GetOEMCP
GetModuleHandleExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetModuleFileNameA
GetFileType
GetStdHandle
HeapSize
ExitProcess
GetProcessHeap
IsDebuggerPresent
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetModuleHandleW
TlsSetValue
GetCurrentProcess
Sleep
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapAlloc
RtlUnwind
CreateDirectoryW
InitializeSListHead
VerSetConditionMask
SystemTimeToFileTime
GlobalUnlock
FindResourceW
GetCPInfo
EncodePointer
GetTickCount
GetUserDefaultUILanguage
RemoveDirectoryW
ReadProcessMemory
GetSystemDefaultUILanguage
ResumeThread
OpenFileMappingA
GetCurrentProcessId
CreateEventW
FindFirstFileA
GetStartupInfoW
MultiByteToWideChar
GetACP
CompareStringW
HeapDestroy
CreateEventA
GetProcessTimes
WaitForSingleObjectEx
GetLogicalDrives
QueryPerformanceCounter
TlsGetValue
SetFilePointer
GlobalMemoryStatus
GetTempFileNameW
lstrcpyW
SizeofResource
OpenProcess
FileTimeToLocalFileTime
IsValidCodePage
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapFree
GetLastError
GetStringTypeW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
WideCharToMultiByte

user32

SetWindowTextA
RegisterWindowMessageW
UnregisterClassA
GetDlgItemTextA
GetDoubleClickTime
GetKeyboardLayout
SystemParametersInfoW
ReleaseDC
DrawStateW
SetWindowLongW
MessageBoxW
SetDlgItemTextA
ClientToScreen
PostQuitMessage
IsIconic
LoadStringA
SetScrollRange
IsRectEmpty
IsDlgButtonChecked
DrawMenuBar
DrawFocusRect
ValidateRgn
EndMenu
DestroyWindow
GetMessageA
IsZoomed
GetParent
LoadIconA
RemovePropA
ShowCaret
SetClassLongA
CharUpperW
DefWindowProcA
SetWindowsHookExA
SendDlgItemMessageW
SetDlgItemTextW
SendMessageW
CheckMenuItem
SetTimer
SendDlgItemMessageA
TrackPopupMenu
DeleteMenu
MessageBoxA
DestroyCursor
ValidateRect

gdi32

StretchBlt
CombineRgn
Arc
GetDeviceCaps
CopyEnhMetaFileA
GetPaletteEntries
Ellipse
SetTextAlign
SetTextColor
RealizePalette
IntersectClipRect
RestoreDC
LineTo
GetMetaFileBitsEx
CreateFontIndirectA
GdiFlush
CreateBrushIndirect
StretchDIBits
GetCharWidth32A
GetClipBox
CreateHatchBrush
SetPolyFillMode
GetPixel
CreateEnhMetaFileW
UpdateColors
CreateHalftonePalette

advapi32

RegGetKeySecurity
CopySid
SetSecurityDescriptorDacl
LookupPrivilegeValueW
RegQueryValueExW
RegOpenKeyExA
EqualSid
RegLoadKeyW
ControlService
QueryServiceStatus

shell32

CommandLineToArgvW
ExtractIconExW

ole32

CoTaskMemFree

oleaut32

SafeArrayGetUBound
VariantClear
VariantInit

Sections

.text
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13966d111042d4cc8d4c8a56c5cc5e79

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 393KB - Virtual size: 393KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 20KB - Virtual size: 424KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 393KB - Virtual size: 393KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 20KB - Virtual size: 424KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 14KB - Virtual size: 14KB