NEAS[.]6881c8bd0ca716b2814490aefc018580[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.6881c8bd0ca716b2814490aefc018580.exe
Size

291KB
MD5

6881c8bd0ca716b2814490aefc018580
SHA1

415d5fcfdec35427e3fdf29230e0f4f45524303d
SHA256

01820c5768fcbcb9b11db0ff4d55b65ef0c2cbd6371e856043c068a94be24508
SHA512

6ff203e9b7f47482dcad415319c52dce99068fc1b2c154e139d2ffee3485a9d498f9399e912b08c824110e524ba8b6536133f6357578fff9171ba04449a9e3fe
SSDEEP

6144:dJAHgtUdLW9cI5YKr35GkhO5M9Vopi/QjYuL:nAHzL7Kr35GeOwopiojYuL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6881c8bd0ca716b2814490aefc018580.exe

Files

NEAS.6881c8bd0ca716b2814490aefc018580.exe
.exe windows:5 windows x86

75cc0778472b601ea6cf6f7d0544c2f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetShortPathNameW
GetTempPathW
LoadLibraryW
FreeLibrary
GetProcAddress
SetErrorMode
LocalAlloc
lstrlenW
FormatMessageW
WriteConsoleW
FlushConsoleInputBuffer
WaitForSingleObject
PeekConsoleInputW
ReadConsoleInputW
GetStdHandle
GetConsoleMode
GetModuleHandleW
OutputDebugStringW
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
DeleteCriticalSection
SetFilePointer
ReadFile
SystemTimeToFileTime
GetCurrentDirectoryW
MultiByteToWideChar
LocalFileTimeToFileTime
WideCharToMultiByte
WriteFile
SetStdHandle
FlushFileBuffers
SetFilePointerEx
GetConsoleCP
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
GetProcessHeap
HeapSize
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
GetModuleFileNameW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetFileAttributesExW
CloseHandle
CreateFileW
LCMapStringW
GetVersionExW
CompareStringW
SizeofResource
LoadResource
LockResource
GetLastError
FindResourceW
InterlockedIncrement
InterlockedDecrement
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
RtlUnwind
GetCommandLineW
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
lstrlenA
GetStringTypeW
EncodePointer
EnterCriticalSection
LeaveCriticalSection

user32

SetWindowPos
GetProcessWindowStation
DefWindowProcW
DestroyWindow
KillTimer
GetAncestor
IsWindowVisible
SetTimer
EnumThreadWindows
DispatchMessageW
TranslateMessage
PeekMessageW
UpdateLayeredWindow
CreateWindowExW
RegisterClassExW
LoadIconW
LoadCursorW
GetSystemMetrics
MessageBoxW
IsWindow
GetUserObjectInformationW

gdi32

DeleteObject
SelectObject
CreateCompatibleDC
DeleteDC
CreateDCW
CreateDIBSection

advapi32

RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW

shell32

ShellExecuteW
SHCreateDirectoryExW

ole32

CoInitializeEx
CoCreateInstance
CoTaskMemFree

oleaut32

SafeArrayUnlock
SafeArrayLock
SafeArrayCopy
SafeArrayGetVartype
SafeArrayDestroy
SafeArrayCreate
SysStringByteLen
VariantCopyInd
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
VariantChangeType
SysStringLen
SysAllocStringByteLen
SysFreeString
SysAllocString
GetErrorInfo

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75cc0778472b601ea6cf6f7d0544c2f5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 182KB - Virtual size: 182KB

.rdata Size: 71KB - Virtual size: 71KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 182KB - Virtual size: 182KB

.rdata
Size: 71KB - Virtual size: 71KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 28KB - Virtual size: 27KB