NEAS[.]72b78aa623308cdef8bba6ea6f760220[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.72b78aa623308cdef8bba6ea6f760220.exe
Size

188KB
MD5

72b78aa623308cdef8bba6ea6f760220
SHA1

ba79b57ed6959bdb8ca307e8e5ea74c436703c9d
SHA256

26fad3bfae074fdb3f6c57edf82627542905594c8c0cbb51aea19a9cd3d8f28a
SHA512

dc96360e4540289d91046f6b06143cba070d3e3cc15262dcf042989c620e09da89041378ddd60d7316cf9ecdeaa5844600ac6abcafe65db2e190777f6cc11521
SSDEEP

3072:TSDonuZmngj6IYeTXigzbluZDFl1ue8klvQDUcmqT5RAnvc0CmLS+W+C86TF:mDxPYq3AdFl1ue5sWGetW+C86TF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.72b78aa623308cdef8bba6ea6f760220.exe

Files

NEAS.72b78aa623308cdef8bba6ea6f760220.exe
.exe windows:4 windows x86

12b5a608b6d5bb425a9eda369ce093a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrlenA
lstrcmpiA
GetModuleFileNameA
Sleep
CreateThread
CreateEventA
lstrcpynA
lstrcpyA
lstrcatA
GetCurrentThreadId
IsDBCSLeadByte
InterlockedIncrement
SetEvent
InterlockedDecrement
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
IsBadReadPtr
GetCurrentProcessId
RaiseException
SetStdHandle
SetFilePointer
IsBadCodePtr
LoadLibraryA
GetStringTypeW
GetStringTypeA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
LCMapStringW
LCMapStringA
UnhandledExceptionFilter
HeapSize
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
MultiByteToWideChar
lstrlenW
WaitForSingleObject
CloseHandle
GetVersionExA
VirtualProtect
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
WideCharToMultiByte
FlushFileBuffers
GetProcAddress
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetOEMCP
GetStartupInfoA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
ExitThread
HeapReAlloc
ExitProcess
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapFree
HeapAlloc

user32

DispatchMessageA
GetMessageA
PostThreadMessageA
CharNextA
TranslateMessage
UnregisterClassA
GetWindowLongA
CharUpperA
SetPropA
GetSystemMetrics
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
SetWindowPos
DestroyWindow
BeginPaint
EndPaint
DefWindowProcA
EnableWindow
SetTimer
GetPropA
SendMessageA
PostMessageA
KillTimer
RemovePropA
IsWindow
GetForegroundWindow
SetForegroundWindow
EnumWindows
GetWindowRect
GetClassNameA
EnumChildWindows

gdi32

GetStockObject

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

shell32

SHGetFileInfoA

ole32

CoTaskMemFree
StringFromCLSID
CoInitializeEx
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemAlloc
CoTaskMemRealloc
CLSIDFromString
StringFromGUID2
CoCreateInstance
CoCreateGuid

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

12b5a608b6d5bb425a9eda369ce093a6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 7KB

.rrdata Size: 76KB - Virtual size: 76KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 7KB

.rrdata
Size: 76KB - Virtual size: 76KB