NEAS[.]623847d2febe51055f0d41791ef68d10[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.623847d2febe51055f0d41791ef68d10.exe
Size

260KB
MD5

623847d2febe51055f0d41791ef68d10
SHA1

c559f32a139cb7f10ea0a72893a4b49d92854eb8
SHA256

38a8ffd71f28dce13ddb639ab6583e0d485d71a741954be2986f31cffd26da37
SHA512

8e6d2f03e6d1ca5332958d97de6edca4483fd6ddabac402dd2769d45cd7a0b638647a647faa45e3577d7c5d121d38ee3e0703aa74573c38be1c3f2774fa74b1f
SSDEEP

6144:1moYRUJaFX+EjIRWszHaWzug9pu2fpuacKkssmOKe:ooYRdFu6sz1uCpu2kacOs1K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.623847d2febe51055f0d41791ef68d10.exe

Files

NEAS.623847d2febe51055f0d41791ef68d10.exe
.exe windows:4 windows x86

102fc802b4d4a78b6b4122ab4431392b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemInt
GetScrollRange
SetCursor
InsertMenuItemA
SetDlgItemInt
LoadIconA
SetCapture
EndDialog
CloseClipboard
GetMessageA
OffsetRect

ole32

OleUninitialize
OleInitialize
CoSuspendClassObjects
CoInitialize
OleCreate
StgCreateDocfile
CoUninitialize

sfc

SfcIsFileProtected

sisbkup

SisRestoredCommonStoreFile
SisFreeAllocatedMemory
SisCSFilesToBackupForLink
SisRestoredLink

kernel32

HeapFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
LCMapStringW
LCMapStringA
GetTickCount
QueryPerformanceCounter
GetTimeZoneInformation
GetSystemInfo
VirtualQuery
InterlockedExchange
HeapSize
InitializeCriticalSection
GetOEMCP
GetACP
RtlUnwind
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetProfileStringW
VirtualProtect
AddConsoleAliasA
LoadLibraryExA
GetNativeSystemInfo
ExpandEnvironmentStringsA
GetDriveTypeA
GetVolumeInformationA
GetSystemTimeAsFileTime
GetProcessHeap
SetSystemPowerState
GetCPInfo
MoveFileExA
GetFileTime
GetDiskFreeSpaceA
FindCloseChangeNotification
FindNextChangeNotification
FindFirstChangeNotificationA
ExitProcess
MultiByteToWideChar
GetCurrentProcessId
GetModuleFileNameA
Sleep
FreeLibrary
LoadLibraryA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
GetCurrentThreadId
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

102fc802b4d4a78b6b4122ab4431392b

Headers

File Characteristics

Imports

user32

ole32

sfc

sisbkup

kernel32

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 88KB - Virtual size: 86KB

.data Size: 104KB - Virtual size: 109KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 88KB - Virtual size: 86KB

.data
Size: 104KB - Virtual size: 109KB

.rsrc
Size: 4KB - Virtual size: 1KB