NEAS[.]9ecf9395aa75cff71eb905b25a58e070[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9ecf9395aa75cff71eb905b25a58e070.exe
Size

88KB
MD5

9ecf9395aa75cff71eb905b25a58e070
SHA1

75563c16d2b98cd3c639bd303148d2f60ab3cc98
SHA256

d6707578e7c3f3087d14095223ce46f0038ec2e0b79c0b5d11d5767b1cc86ef2
SHA512

ab8a039a3cd9bc7dadac0c0b980c4b232b6981100df43f814fa2589da3e62db5ebaca28c2942464030a2eabf90c706560aa7df7a4a8d4136056b02cbfd02c033
SSDEEP

1536:gsP8haW48Q0osAkYcwUIMgE480skcUME80skeRe5848Q0w0U0Fe/sJHh48Q0w0UT:gskh/48Q0osAkYcwUIMgE480skcUME84

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9ecf9395aa75cff71eb905b25a58e070.exe

Files

NEAS.9ecf9395aa75cff71eb905b25a58e070.exe
.exe windows:4 windows x86

2ac7701744b0b2430781b94ab3de9e4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
WriteFile
SetFilePointer
CreateFileA
CloseHandle
GlobalFree
ReadFile
OpenFile
GlobalSize
GlobalHandle
GlobalAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
LoadLibraryA
GetCPInfo
GetStringTypeW
GetACP
RtlUnwind
GetFileType
GetStringTypeA
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
UnhandledExceptionFilter
GetModuleFileNameA
VirtualAlloc
VirtualFree
HeapReAlloc
HeapDestroy
GetCurrentProcess
HeapCreate
LCMapStringW
LCMapStringA
TerminateProcess
WideCharToMultiByte
GetProcAddress
MultiByteToWideChar
GetVersion
GetCommandLineA
ExitProcess
GetModuleHandleA
GetOEMCP
GetStartupInfoA
lstrcpyA
HeapFree
GetLastError
FlushFileBuffers
SetStdHandle
HeapAlloc

user32

DdeInitializeA
MessageBoxA
LoadImageA
DdeCreateStringHandleA
DdeNameService
GetMessageA
TranslateMessage
DispatchMessageA
TranslateMDISysAccel
LoadAcceleratorsA
SetWindowTextA
EnableWindow
GetWindowLongA
GetDC
ReleaseDC
GetClientRect
DialogBoxParamA
DefFrameProcA
GetWindowTextA
ShowWindow
GetWindow
SendMessageA
EndDialog
UpdateWindow
LoadIconA
RegisterClassA
DdeUninitialize
LoadStringA
GetDlgItem
SendDlgItemMessageA
SetScrollRange
wsprintfA
GetSystemMetrics
BeginPaint
PostMessageA
DdePostAdvise
ScrollWindow
CharUpperA
EndPaint
GetScrollRange
DefMDIChildProcA
GetKeyState
GetScrollPos
SetScrollPos
SetWindowLongA
CreateWindowExA
GetMenu
GetSubMenu
DdeDisconnect
MoveWindow
InvalidateRect
BringWindowToTop
DestroyWindow
PostQuitMessage
DdeCreateDataHandle
DdeCmpStringHandles
DdeQueryStringA
TranslateAcceleratorA
FindWindowA
DdeFreeStringHandle
EnableMenuItem
LoadCursorA

gdi32

SetTextColor
DeleteObject
ExtTextOutA
SelectObject
CreateSolidBrush
MoveToEx
CreatePen
LineTo
GetStockObject
GetTextExtentPoint32A
SetBkColor
CreateFontIndirectA
GetTextMetricsA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ac7701744b0b2430781b94ab3de9e4c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 24KB - Virtual size: 20KB