NEAS[.]6c26b2c050596a7bd8942dbd333bc5b0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6c26b2c050596a7bd8942dbd333bc5b0.exe
Size

243KB
MD5

6c26b2c050596a7bd8942dbd333bc5b0
SHA1

1b3d116bb8ce1963683e990ff2f48961a4ff7f43
SHA256

fef7c59578232965efdd8307eb5d252bc41dc06d721856742805632616eb5f51
SHA512

e0aa2e5e907d812b4e990489fb17c928d9d1b29f1d0567e4e796a004c3a6846794bbd387ed55bec768bc227bcfe46a2cc143a604f72877ee1cd68aa447169d2c
SSDEEP

6144:bgsKqoq2vEQuZbNidT78KW8DLmX1513qCfLga:bgsKqoqFlRNAE8DaFzLga

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6c26b2c050596a7bd8942dbd333bc5b0.exe

Files

NEAS.6c26b2c050596a7bd8942dbd333bc5b0.exe
.exe windows:5 windows x86

e571bc00b60794c39ebaac93691f7526

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageW
CheckMenuItem
GetInputState
ShowOwnedPopups
SetSystemCursor
SetClipboardViewer
GetWindowInfo
GetClientRect
GetFocus
DialogBoxParamA
CopyRect
EnableMenuItem
SetScrollRange

urlmon

ReleaseBindInfo
CoInternetGetSecurityUrl
ObtainUserAgentString
IsAsyncMoniker

shell32

DoEnvironmentSubstA
DoEnvironmentSubstW
ShellExecuteExW
FindExecutableA
ExtractAssociatedIconA
ShellAboutW
FindExecutableW

ole32

CoGetMalloc
CoRegisterChannelHook
CoSwitchCallContext
CoLockObjectExternal
IsAccelerator
ReadClassStg
CoCreateFreeThreadedMarshaler
OleCreateLinkFromData

wininet

InternetConnectA
InternetConfirmZoneCrossing
InternetGoOnline
InternetCreateUrlA
FtpOpenFileW

gdi32

CreateDIBSection
ColorMatchToTarget
CopyEnhMetaFileA
AddFontResourceExW
AddFontResourceA

opengl32

glRects
glVertex2sv
glOrtho
glEnable
glMapGrid2f
glTexCoord4s
glPixelStorei

kernel32

SetStdHandle
WriteConsoleW
HeapSize
IsProcessorFeaturePresent
SetFilePointer
GetStringTypeW
MultiByteToWideChar
LCMapStringW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapAlloc
LoadLibraryW
CreateFileW
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
IsBadWritePtr
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
SetEvent
WaitForMultipleObjects
CreateThread
CreateSemaphoreA
SetWaitableTimer
CreateWaitableTimerA
CloseHandle
GetLastError
CreateEventA
ReleaseSemaphore
Sleep
GetCurrentThreadId
WaitForSingleObject
SetThreadLocale
FormatMessageA
SetEnvironmentVariableA
GetDateFormatW
SetTapeParameters
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e571bc00b60794c39ebaac93691f7526

Headers

DLL Characteristics

File Characteristics

Imports

user32

urlmon

shell32

ole32

wininet

gdi32

opengl32

kernel32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 7KB - Virtual size: 18KB

.rsrc Size: 194KB - Virtual size: 193KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 7KB - Virtual size: 18KB

.rsrc
Size: 194KB - Virtual size: 193KB