NEAS[.]24bfe420da18b3f201ccd1d240ec8180[.]exe

General

Target

NEAS.24bfe420da18b3f201ccd1d240ec8180.exe
Size

401KB
MD5

24bfe420da18b3f201ccd1d240ec8180
SHA1

a7b40ea08dad4ae3d640a6d85b1a6a1d14e78116
SHA256

1c8c92e3c1b0187db0a3ac0414edcae152995f96a9ca0030fef015782cf435b9
SHA512

fef1013888f92e305d855e019ceaf8c011ed9becca45a8b1abd9b6f59d5a9650c6578a2506a08059f099dbc0c0649ec7546a85004144a7d82f59a45d1c443563
SSDEEP

6144:/lxzS0pGUTyOG9sZi+iSEqnQZWaf0uopRJX3PjlJYpjEB/CZKV4UrUKeKV4:/lxzNC9b+iStQZWaMuiJX3bOUqw1Z4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.24bfe420da18b3f201ccd1d240ec8180.exe

Files

NEAS.24bfe420da18b3f201ccd1d240ec8180.exe
.exe windows:4 windows x86

69c399796f40cea01989f250434e4d55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindResourceA
CloseHandle
HeapCreate
GetModuleHandleA
SetFileTime
GetFileSize
LeaveCriticalSection
GetLocalTime
LoadLibraryA
SetFileTime
CreateMutexW
GetStartupInfoW
FormatMessageW
InitializeCriticalSection
SetFileAttributesW
lstrcatA
ReadFile
SetFileTime
lstrcpyA
GetLastError
IsBadWritePtr

msi

MsiCollectUserInfoA
MsiConfigureFeatureA
MsiAdvertiseProductW
MsiDatabaseCommit

user32

IsWindow
wsprintfW
SetFocus
GetWindowRect
GetWindowTextA
IsDialogMessageA
SetCursorPos
PeekMessageW
DispatchMessageA
LoadCursorW
GetWindowLongW
PostMessageW
IsZoomed

clbcatq

SetSetupSave

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 384KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rich
Size: 1KB - Virtual size: 193B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

69c399796f40cea01989f250434e4d55

Headers

File Characteristics

Imports

kernel32

msi

user32

clbcatq

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 5KB - Virtual size: 260KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 384KB - Virtual size: 636KB

.rich Size: 1KB - Virtual size: 193B

.ole Size: 512B - Virtual size: 129B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 5KB - Virtual size: 260KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 384KB - Virtual size: 636KB

.rich
Size: 1KB - Virtual size: 193B

.ole
Size: 512B - Virtual size: 129B