NEAS[.]7969eff54e5a4cce7223c4420e9eb8c0[.]exe

General

Target

NEAS.7969eff54e5a4cce7223c4420e9eb8c0.exe
Size

36KB
MD5

7969eff54e5a4cce7223c4420e9eb8c0
SHA1

ba6fccaf76e39600f9341412b46ee36107bb4e17
SHA256

8b7b380dfbe2f9ed5ed73ac00a09915c88628052a1637a73f27a74431d6d6f3a
SHA512

3490d4ff0a25b812b678ce9a359cbc82ec1dd65471976253853973a19c0a3641078f1f7d3ff3e921f49e362f53001a93d966b2b53b8f5ba3f8f8358d1b845edf
SSDEEP

768:QTou/RnchmB2hl5ND9QHse3X1WDOBCED/MR/6jm6MCIQ50:uouxemB8lHCMenIyBCED/1NAQ50

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.7969eff54e5a4cce7223c4420e9eb8c0.exe

Files

NEAS.7969eff54e5a4cce7223c4420e9eb8c0.exe
.exe windows:4 windows x86

d05391dd40cedb4c2c9c887f1ef5aa32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
ExitProcess
GetStartupInfoW
GetModuleHandleA
GetTickCount
GetCurrentProcessId
GetCurrentThreadId
MultiByteToWideChar
GetSystemTimeAsFileTime

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW

msvcr71

_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
exit
__dllonexit
_onexit
_controlfp
_cexit
_XcptFilter
memset
strcat
_stricmp
_exit
_c_exit
strcpy
wcscat
_wcsicmp
wcscpy
__security_error_handler

comctl32

InitCommonControlsEx

sqlunirl

_GetUnicodeRedirectionLayer@0
_MessageBox@16

dtswiz

DoDTSWizard

semsfc

?LoadString@SString@@QAEHPAUHINSTANCE__@@I@Z
??0SString@@QAE@XZ
?SetApp@SApplication@@QAEXPAV1@@Z
??4SString@@QAEABV0@PBG@Z
??1SString@@QAE@XZ
?SGetWindowsPlatform@@YAIXZ
?SetMainHelpCollection@SHelp@@QAEXPBG0@Z
?FreeLib@SHelp@@QAEXXZ
??BSString@@QBEPBGXZ

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d05391dd40cedb4c2c9c887f1ef5aa32

Headers

File Characteristics

Imports

kernel32

advapi32

msvcr71

comctl32

sqlunirl

dtswiz

semsfc

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 612B

.rsrc Size: 28KB - Virtual size: 31KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 612B

.rsrc
Size: 28KB - Virtual size: 31KB