NEAS[.]db3ee897928df76d35b2684fc02f3570[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.db3ee897928df76d35b2684fc02f3570.exe
Size

71KB
MD5

db3ee897928df76d35b2684fc02f3570
SHA1

f8da6f30307279796b10de6844b71f03534abe0f
SHA256

fb32cf60c356fa013a9bccf00c81ddce3010dd33d7982dccfaad97aa93fd405f
SHA512

0fe6d144d10f0fe09c0f1d82e0935120bff78f4f69240ae9864dc0a81e53790190bd857bf2d4a79e867b40ebb2d2b8e3cd3e1912c2615e7e9355abe4871a7b56
SSDEEP

768:ToW4f6kfXXpAE6Fs/NbXEl79V69nA3PXT+DIeOKedn9GpziL3dQI3IRzjRFY7LS2:ToRxNbK5PXKDIeOKG9iziLNZ3IBgLSTK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.db3ee897928df76d35b2684fc02f3570.exe

Files

NEAS.db3ee897928df76d35b2684fc02f3570.exe
.exe windows:4 windows x64

699d6ad4f60688ed873d486abe725794

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetCurrentDirectoryW
GetLastError
GetModuleFileNameW
CopyFileW
SetFileAttributesW
DeleteFileW
GetSystemDirectoryW
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FlsGetValue
FlsSetValue
TlsFree
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LoadLibraryA
InitializeCriticalSection
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
HeapSize
CloseHandle

advapi32

StartServiceW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
ControlService

setupapi

SetupOpenInfFileW
SetupTermDefaultQueueCallback
SetupCloseFileQueue
SetupInstallServicesFromInfSectionW
SetupCloseInfFile

shlwapi

PathFindFileNameW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

699d6ad4f60688ed873d486abe725794

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

setupapi

shlwapi

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 5KB - Virtual size: 13KB

.pdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 500B

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 5KB - Virtual size: 13KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 500B