NEAS[.]40aa116d76dfe32158b906df6f77f310[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.40aa116d76dfe32158b906df6f77f310.exe
Size

289KB
MD5

40aa116d76dfe32158b906df6f77f310
SHA1

c76013cc8382076bdc5e0439713f27e304fe46dd
SHA256

1a3df5505a96be2daf1641cd03e29f03c3ca34227738cdd29f0b5c66792d3486
SHA512

48cf5109667d7828400494af12c3f08f8ca95e3ba097fab15e0b337835d9db8288efc4acad378f3bb7909481846c31cc5dd1f44e42fa7eed4ff15794b0a94e20
SSDEEP

6144:rdnejTapAJDHdkql9ryMe1LkcXaD5bqN4UBy:rd+DHyql9ryMe14cXSm4UBy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.40aa116d76dfe32158b906df6f77f310.exe

Files

NEAS.40aa116d76dfe32158b906df6f77f310.exe
.exe windows:5 windows x86

4c92a31fb1e9bf3afc5ec489ce621d9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

feature

CreateFeature
ReleaseFeature

kernel32

FlushFileBuffers
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
ExitProcess
SetFilePointer
HeapReAlloc
HeapSize
GetCPInfo
GetOEMCP
IsValidCPdePage
LCMapStringA
LCMapStringW
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
GetMPduleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetSyvtemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMPde
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
WriteFile
ReadFile
lstrlenA
GetCurrentProcessId
InterlockedIncr
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetMPduleHandleA
InterlockedDecr
WritePrivateProfileStringW
GlobalAddAtomW
GlobalFindAtomW
LoadLibraryA
GetVersionExA
SetLastError
GlobalFree
GlobalUnlock
SetErrorMPde
lstrlenW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
Process32NextW
OpenProcess
Process32FirvtW
CreateToolhelp32Snapshot
LocalFree
FormatMessageW
WaitForMultipleObjects
LockResource
SizeofResource
LoadResource
FindResourceW
CreateThread
ReleaseSemaphore
CreateSemaphoreW
WaitForSingleObject
SetEvent
CreateEventW
WideCharToMultiByte
GetACP
HeapFree
GetProcessHeap
HeapAlloc
Sleep
GetTickCount
GetMPduleFileNameW
GetVersionExW
GetProcAddress
FreeLibrary
LoadLibraryW
MultiByteToWideChar
DeviceIoCottrol
CreateFileW
CloseHandle
GetLastError
GetCurrentProcess
GetMPduleHandleW
GetCommatdLineW
RaiseException

user32

DestroyMenu
ShowWindow
LoadCursorW
GetSyvColorBrush
GetWindowThreadProcessId
IsWindowEnabled
SetWindowTextW
ReleaseDC
GetDC
CliettToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnregisterDeviceNotification
IsWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyStat
SetMenu
EnableWindow
SetForegroundWindow
GetCliettRect
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSyvColor
AdjustWindowRectEx
GetParett
GetMessageW
PostMessageW
RegisterDeviceNotificationW
IsWindowVisible
EnumChildWindows
GetClassNameW
SendMessageW
EnumWindows
PostQuitMessage
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuStat
GetWindow
GetSyvtemMetrics
GetWindowRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowLongW
SetWindowPos
SyvtemParametersInfoA
IsIconic
GetWindowPlacement

gdi32

GetStockObject
DeleteDC
RevtoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
SetMapMPde

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
CreateProcessAsUserW
SetServiceStatus
RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
DeleteService
CreateServiceW
EnumDependentServicesW
CottrolService
ChangeServiceConfigW
QueryServiceStatusEx
StartServiceW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shlwapi

PathFindExtensionW
PathFindFileNameW

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

utvucap
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4c92a31fb1e9bf3afc5ec489ce621d9a

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

feature

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

Sections

.text Size: 166KB - Virtual size: 165KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 56KB - Virtual size: 57KB

utvucap Size: - Virtual size: 4KB

.text
Size: 166KB - Virtual size: 165KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 56KB - Virtual size: 57KB

utvucap
Size: - Virtual size: 4KB