NEAS[.]253dc1b6625154e679707e951f974840[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.253dc1b6625154e679707e951f974840.exe
Size

219KB
MD5

253dc1b6625154e679707e951f974840
SHA1

baaf5906c6476c464719deecb7089d87234fa3b3
SHA256

ee581a96761a1e31bc70cbed970d19ea94230343a43e2550757c5ae28437696c
SHA512

5caa5b1f8ea205c4bf5e773a5e59a85f11df253a06195edb7695e91e7ec4d7f50b14dcb0d384b118a2267bdad21036b6012029a39da58b9087e7dc17046ed7e7
SSDEEP

1536:82ebjkvKI2glNVEsuDzXsfYtC0HvnHTIrenZYcea1Mc3d//cjbr0s1IHoRM23nvK:8bHkjX12X6wvHkGMcN//cjU7JWPHa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.253dc1b6625154e679707e951f974840.exe

Files

NEAS.253dc1b6625154e679707e951f974840.exe
.exe windows:4 windows x86

29d2ae5937f214ff36a69a49a41e2016

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
DeleteTimerQueue
GetSystemDefaultUILanguage
FormatMessageA
Beep
GetStringTypeExW
CreateDirectoryW
TlsFree
FindFirstFileExA
OutputDebugStringW
GetFullPathNameA
SetWaitableTimer
GetProfileStringA
CreatePipe
TlsGetValue
GetCurrentProcess
IsProcessorFeaturePresent
GetProfileIntA
EnumUILanguagesW
GetLongPathNameW
CloseHandle
GetCompressedFileSizeW
GetFileSizeEx
CreateHardLinkW
GlobalSize
SetTapePosition
GetCurrentProcess
EnumResourceNamesW
GetCurrentDirectoryW
RemoveDirectoryA
GetCurrentProcess
FindAtomA
WaitForMultipleObjectsEx

user32

SetActiveWindow
CreateCaret
SetMessageQueue
SetRect
ReplyMessage
SetForegroundWindow
DdeFreeDataHandle
DrawTextExW
ChangeClipboardChain
LoadKeyboardLayoutW
EnumDesktopWindows
GetScrollPos
GetKeyboardState
IsWindowVisible
LookupIconIdFromDirectory
EnumDisplayMonitors
OemToCharW
IsDialogMessageW
GetWindowRect
EnumPropsExW
DeferWindowPos
CreateIconFromResource
CheckMenuRadioItem
OemToCharBuffW
DdeConnect
DrawCaption
InvalidateRect
DdeGetData
DdeInitializeW
SetWindowLongW
GetMessageA
GetDlgItemInt
PtInRect
RegisterShellHookWindow
CreateCursor
SetDeskWallpaper
UserHandleGrantAccess
CheckMenuItem
SetWindowTextW
LoadCursorW
RealChildWindowFromPoint
GetAsyncKeyState
AllowSetForegroundWindow
UnloadKeyboardLayout
GetKeyboardType
CharNextExA
DrawStateW
BroadcastSystemMessageA
FindWindowW
IsZoomed
OpenWindowStationW
DrawFrameControl
DdeUninitialize
GetMenuDefaultItem
DdePostAdvise
OemToCharA
CheckRadioButton
WaitForInputIdle
InsertMenuA
SetCaretBlinkTime
TileChildWindows
LoadAcceleratorsA
GetNextDlgTabItem
DdeCmpStringHandles
IMPQueryIMEA
SetLayeredWindowAttributes
GetDlgCtrlID
WindowFromPoint
SetDebugErrorLevel
GetClassInfoExA
GetWindowLongA
SendMessageA
OemToCharBuffA
EnumPropsW
SetUserObjectSecurity
MessageBoxA
GetClassInfoExW
GetMenuItemCount
SetMenuInfo
IMPSetIMEW
LoadIconA
LoadIconW
ScreenToClient
SetKeyboardState
IsCharAlphaA
RegisterDeviceNotificationA

ole32

CoSetProxyBlanket
CoGetCallerTID
CoMarshalInterThreadInterfaceInStream

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 275B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 39KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.arch
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

29d2ae5937f214ff36a69a49a41e2016

Headers

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 3KB - Virtual size: 3KB

.idata Size: 512B - Virtual size: 275B

.data Size: 39KB - Virtual size: 51KB

.arch Size: 512B - Virtual size: 418B

.rsrc Size: 104KB - Virtual size: 132KB

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 3KB - Virtual size: 3KB

.idata
Size: 512B - Virtual size: 275B

.data
Size: 39KB - Virtual size: 51KB

.arch
Size: 512B - Virtual size: 418B

.rsrc
Size: 104KB - Virtual size: 132KB