NEAS[.]87e6a4f149d1a3d2e58b3ef937716c30[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.87e6a4f149d1a3d2e58b3ef937716c30.exe
Size

1.5MB
MD5

87e6a4f149d1a3d2e58b3ef937716c30
SHA1

8b2c15caa47cfde1a7ed77ea6c206bc5e0c9846e
SHA256

8b667dbc85632f4fe67ae646bbf2fd9cc41fb8228a325621aa43199c3e05ec15
SHA512

ca1ebd7a987ec7a7debf3148b14b51bb78a1f08b7e9f01cc4f01ec5aee4c74454b8359083aee85cfd42a23e2e182721b0d9e251de04fab35e4bbfcdf08790577
SSDEEP

24576:qQHul7GjZaOIzgcWuUy2zSTum4KTl8P1aQn+yY1J+J5s01fn:Vul7G0zgcWuUyESJxuD81kpfn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.87e6a4f149d1a3d2e58b3ef937716c30.exe

Files

NEAS.87e6a4f149d1a3d2e58b3ef937716c30.exe
.exe windows:4 windows x86

f504ff328f014fbbaace6e34f21e555e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

joyGetNumDevs
joyGetDevCapsA
joyGetPosEx
timeGetTime
timeEndPeriod
timeGetDevCaps
timeBeginPeriod

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

dsound

ord1

kernel32

SetEndOfFile
WriteFile
VirtualAlloc
VirtualFree
ReadFile
FlushFileBuffers
GetFileSize
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
SetFilePointer
DeleteFileA
FreeResource
LockResource
LoadResource
FindResourceA
GlobalMemoryStatus
GetSystemInfo
GetModuleHandleA
IsBadReadPtr
GetProcAddress
LoadLibraryA
GetVersionExA
GetWindowsDirectoryA
CreateFileA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadWritePtr
SetUnhandledExceptionFilter
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
WideCharToMultiByte
HeapFree
HeapAlloc
HeapReAlloc
MultiByteToWideChar
RaiseException
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetLocalTime
GetSystemTime
GetTimeZoneInformation
CreateEventA
GetLastError
WinExec
CreateThread
SetThreadPriority
TerminateThread
CloseHandle
Sleep
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

GetWindowPlacement
GetMenu
GetWindowLongA
AdjustWindowRectEx
SetWindowPlacement
UnregisterClassA
RegisterClassA
GetParent
SetFocus
GetClientRect
ClientToScreen
GetClassInfoA
GetDC
ReleaseDC
DrawTextA
wsprintfA
GetMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
SetCursor
DefWindowProcA
PostQuitMessage
SetCursorPos
LoadCursorA
RegisterClassExA
GetSystemMetrics
CreateWindowExA
ShowWindow
UpdateWindow
SetTimer
GetCursorPos
FindWindowA
SetForegroundWindow
DestroyWindow
MessageBoxA
MessageBeep
PostMessageA
SetWindowTextA
LoadIconA
SendMessageA
GetDlgItemTextA
DialogBoxParamA
SendDlgItemMessageA
EndDialog
WaitMessage

gdi32

SetBkMode
SetTextColor
StretchBlt
GetStockObject
GetPaletteEntries

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 33.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f504ff328f014fbbaace6e34f21e555e

Headers

File Characteristics

Imports

winmm

ddraw

dsound

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 232KB - Virtual size: 229KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 28KB - Virtual size: 33.5MB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 232KB - Virtual size: 229KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 28KB - Virtual size: 33.5MB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB