NEAS[.]dd0c6c92c7eb56750a0304036d8c6990[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.dd0c6c92c7eb56750a0304036d8c6990.exe
Size

1.6MB
MD5

dd0c6c92c7eb56750a0304036d8c6990
SHA1

bf7170ea2ca7cc6a386994a18115a09b243f55d7
SHA256

e61961972a2bc7990669913d7f26de398f78a67e75e320ed283d6cfa71351a25
SHA512

6d05b8b57c9c6a6517577baeec59324281c32f68ccebdc4eac6e2e4587a7236d7d112bf55cbf71d199b5c473935b4e8e27cff200372f44fade20a404b95ca945
SSDEEP

49152:zRQkKqfmxEjXp6xP8NOWjtZ3JxwAohJB3:zRB5HtZ3Jxqh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.dd0c6c92c7eb56750a0304036d8c6990.exe

Files

NEAS.dd0c6c92c7eb56750a0304036d8c6990.exe
.exe windows:6 windows x86

d68c3e10a16ac27301d41b6e39c46758

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glAlphaFunc
glClear
glGetError
glFinish
wglMakeCurrent
wglDeleteContext
wglCreateContext
glTranslatef
glScalef
glRotatef
glOrtho
glLoadMatrixf
glLoadIdentity
glLineWidth
glHint
glTexSubImage2D
glTexParameteri
glTexImage2D
glGenTextures
glDeleteTextures
glBindTexture
wglGetProcAddress
glVertexPointer
glTexCoordPointer
glPushMatrix
glPopMatrix
glDrawArrays
glColorPointer
glScissor
glGetBooleanv
glMatrixMode
glGetString
glGetIntegerv
glEnableClientState
glEnable
glDisableClientState
glDisable
glDepthMask
glDepthFunc
glCullFace
glColor4f
glClearColor
glBlendFunc

zlib1

inflateEnd
inflate
inflateInit_

wsock32

htons
ntohs
bind
closesocket
connect
inet_ntoa
WSAGetLastError
setsockopt
select
getsockname
__WSAFDIsSet
recv
ntohl
WSACleanup
WSAStartup
WSAAsyncSelect
gethostbyname
socket
send
htonl

iphlpapi

GetAdaptersInfo

discord-rpc

Discord_Shutdown
Discord_RunCallbacks
Discord_UpdatePresence
Discord_Respond
Discord_Initialize

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

ws2_32

WSARecvFrom
WSASendTo

audiere

_AdrOpenSampleSource@8
_AdrOpenDevice@8
_AdrOpenSound@12

kernel32

DecodePointer
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
GetExitCodeThread
WaitForSingleObjectEx
GetCurrentThreadId
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
WideCharToMultiByte
GetSystemTimeAsFileTime
MultiByteToWideChar
LCMapStringEx
HeapSize
SetEndOfFile
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
HeapReAlloc
SetStdHandle
GetTimeZoneInformation
DeleteFileW
FlushFileBuffers
GetFileAttributesExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetFileSizeEx
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
HeapAlloc
WriteConsoleW
HeapFree
WriteFile
GetStdHandle
GetModuleFileNameW
ExitProcess
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
SetFileTime
GetFileType
CreateFileW
GetModuleHandleExW
FreeLibraryAndExitThread
DebugBreak
OutputDebugStringA
CloseHandle
GetLastError
SetLastError
CreateMutexA
Sleep
GetTickCount
GetModuleFileNameA
WerSetFlags
CreateDirectoryA
FindClose
GetFullPathNameA
GetVolumeInformationA
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalAlloc
GlobalUnlock
GlobalLock
GetLocaleInfoA
GlobalFree
LocalFree
GetComputerNameA
GetWindowsDirectoryA
ExitThread
CreateThread
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableW
ReadFile
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
RaiseException
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
CreateEventW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetStringTypeW
GetProcAddress
GetModuleHandleW

user32

GetClipboardData
CloseClipboard
OpenClipboard
SetProcessDPIAware
ChangeDisplaySettingsA
LoadCursorA
GetWindowThreadProcessId
FindWindowA
GetDesktopWindow
SetWindowLongA
SetRect
ClientToScreen
MessageBoxA
AdjustWindowRect
GetWindowRect
GetClientRect
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
AllowSetForegroundWindow
SetForegroundWindow
KillTimer
ToAsciiEx
GetKeyboardState
GetAsyncKeyState
GetKeyState
SetWindowPos
OpenIcon
ShowWindow
DestroyWindow
CreateWindowExA
RegisterClassA
SetDoubleClickTime
DefWindowProcA
PostMessageA
SendMessageTimeoutA
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
TrackMouseEvent
GetKeyboardLayout
GetForegroundWindow
GetSystemMetrics
GetCursorPos

gdi32

GetStockObject
SwapBuffers
GetDeviceCaps
ChoosePixelFormat
SetPixelFormat

advapi32

ConvertSidToStringSidA
LookupAccountNameA
GetUserNameA

shell32

ShellExecuteA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d68c3e10a16ac27301d41b6e39c46758

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

zlib1

wsock32

iphlpapi

discord-rpc

winmm

ws2_32

audiere

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 204KB - Virtual size: 203KB

.data Size: 20KB - Virtual size: 27KB

.rsrc Size: 182KB - Virtual size: 182KB

.reloc Size: 51KB - Virtual size: 50KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 204KB - Virtual size: 203KB

.data
Size: 20KB - Virtual size: 27KB

.rsrc
Size: 182KB - Virtual size: 182KB

.reloc
Size: 51KB - Virtual size: 50KB