NEAS[.]75cd1244fd78e304fe4a230239b6ef30[.]exe

General

Target

NEAS.75cd1244fd78e304fe4a230239b6ef30.exe
Size

170KB
MD5

75cd1244fd78e304fe4a230239b6ef30
SHA1

0a7984e1cdcca37efbc1877a5c609a6c2945ea7a
SHA256

be59515f36a9504b9348e3eb434a2e3565692705444d615f34f819ba27470c61
SHA512

2ad42c48eb91262d988a7f68e0067a085c4e84b3f7a0e66d2132bd24a00bc10932a1a6b03190b5f8666da413453674734be8f3f3dab5b4595128545561e6e3cc
SSDEEP

3072:wVSYYZbASP/+OGDJIZBcyJ+RXQK4UbwWhbZuq3sPE:w4DbAS6DJIZBaR4bWhbgE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.75cd1244fd78e304fe4a230239b6ef30.exe

Files

NEAS.75cd1244fd78e304fe4a230239b6ef30.exe
.exe windows:4 windows x86

db56beb904c5fc469d6b16fa77cf2659

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance
CoUninitialize

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

advapi32

RegSetValueExA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

user32

TranslateMessage
SendMessageA
PostMessageA
PeekMessageA
DispatchMessageA
wsprintfA

kernel32

DeleteCriticalSection
DeleteFileW
DosPathToSessionPathW
GetACP
GetLastError
InterlockedIncrement
FreeLibrary
GetDiskFreeSpaceExW
CreateFileW
InterlockedDecrement
WaitForSingleObject
GetCurrentProcess
GetProcessId
GetModuleFileNameA
WideCharToMultiByte
ProcessIdToSessionId
InitializeCriticalSection
GetSystemTimeAsFileTime
GetLocaleInfoA
GetProcessAffinityMask
EnumResourceTypesA
QueryPerformanceCounter
InterlockedExchange
ExitProcess
lstrlenA
GetLocalTime
DisableThreadLibraryCalls
GetFileSize
GetVersionExA
CloseHandle
GetVolumeInformationW
GetCurrentThreadId
MultiByteToWideChar
SetProcessAffinityMask
GetThreadLocale
GetTickCount
GetCurrentProcessId
DeleteFileA

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db56beb904c5fc469d6b16fa77cf2659

Headers

File Characteristics

Imports

ole32

gdiplus

advapi32

user32

kernel32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 236KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 236KB