NEAS[.]83b9e7d020a7ee1db7434d7c899e2310[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.83b9e7d020a7ee1db7434d7c899e2310.exe
Size

2.4MB
MD5

83b9e7d020a7ee1db7434d7c899e2310
SHA1

9ce86b86a90fa75da00b0816d4fa572929aeb3d3
SHA256

bb9d4cc8a42436d0990e50c47cb34a77f1635c5b612a554e2855006d9f28735c
SHA512

4e95ee890dd8c6cc771752f37cfb5de8cddef80bd4ec0dae9bdeab6d13b4c20a88c9067e126aa62eb82d35bdd3c1b3b6af3bd3e65ee55f3996f2918c05d1208d
SSDEEP

24576:RnTmEa1a+oxIr10KmBTXo5DbT3tFx+ANIF+Vf8/htciHx7mFgvL8RiG/apcbWlFV:RnTmdqaDbrtFx+AmnvSwIV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.83b9e7d020a7ee1db7434d7c899e2310.exe

Files

NEAS.83b9e7d020a7ee1db7434d7c899e2310.exe
.exe windows:1 windows x86

566717a37dc3e2bcf978342241da0ee1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

gdi32

BitBlt
CreateCompatibleDC
CreateFontA
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
EnumFontFamiliesA
ExtTextOutA
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
LineTo
MoveToEx
SelectObject
SetBkColor
SetBkMode
SetTextColor
TextOutA

user32

AdjustWindowRect
BeginPaint
CallNextHookEx
CallWindowProcA
CharNextA
CharPrevA
ClientToScreen
ClipCursor
CreateAcceleratorTableA
CreateWindowExA
DefWindowProcA
DestroyAcceleratorTable
DestroyWindow
DispatchMessageA
DrawMenuBar
EnableWindow
EndPaint
FillRect
FindWindowA
FlashWindow
FrameRect
GetAsyncKeyState
GetClientRect
GetCursorPos
GetDC
GetFocus
GetKeyNameTextA
GetMenu
GetMenuItemInfoA
GetMessagePos
GetParent
GetPropA
GetSystemMetrics
GetWindowLongA
GetWindowRect
IntersectRect
InvalidateRect
KillTimer
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadImageA
LoadMenuA
LoadStringA
MapVirtualKeyA
MessageBeep
MessageBoxA
MessageBoxExA
MoveWindow
OffsetRect
PeekMessageA
PostQuitMessage
PostThreadMessageA
RegisterClassA
RegisterWindowMessageA
ReleaseDC
RemovePropA
ScreenToClient
SendMessageA
SetActiveWindow
SetClassLongA
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoA
SetPropA
SetRect
SetTimer
SetWindowLongA
SetWindowPos
SetWindowsHookExA
ShowCursor
ShowWindow
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHookEx
WaitMessage
WinHelpA
GetActiveWindow
wsprintfA

winmm

auxGetDevCapsA
auxGetNumDevs
auxGetVolume
auxSetVolume
joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
mciGetErrorStringA
mciSendCommandA
mciSendStringA
mixerGetControlDetailsA
mixerGetDevCapsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetNumDevs
mixerSetControlDetails
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
timeGetTime

kernel32

CloseHandle
CompareStringA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateProcessA
CreateThread
FindResourceA
FormatMessageA
FreeLibrary
GetCommandLineA
GetDriveTypeA
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetLastError
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
IsDBCSLeadByte
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
ReleaseMutex
SetFilePointer
Sleep
TerminateThread
UnmapViewOfFile
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteFileA
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStdHandle
GetTimeZoneInformation
GetVersion
LoadLibraryA
LocalFileTimeToFileTime
ReadConsoleInputA
ReadFile
ReleaseMutex
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetCurrentDirectoryA
SetEvent
SetFilePointer
SetStdHandle
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleA
WriteFile

qmixer

QSWaveMixActivate
QSWaveMixCloseSession
QSWaveMixEnableChannel
QSWaveMixFlushChannel
QSWaveMixFreeWave
QSWaveMixGetDirectSound
QSWaveMixGetErrorText
QSWaveMixGetLastError
QSWaveMixGetPlayPosition
QSWaveMixGetPolarPosition
QSWaveMixInitEx
QSWaveMixIsChannelDone
QSWaveMixOpenChannel
QSWaveMixOpenWave
QSWaveMixPlayEx
QSWaveMixSetDistanceMapping
QSWaveMixSetFrequency
QSWaveMixSetListenerOrientation
QSWaveMixSetListenerPosition
QSWaveMixSetOptions
QSWaveMixSetPolarPosition
QSWaveMixSetRoomSize
QSWaveMixSetSourcePosition
QSWaveMixSetSpeakerPlacement
QSWaveMixSetVolume
QSWaveMixStartProfile
QSWaveMixStopChannel
QSWaveMixStopProfile

ddraw

DirectDrawCreate
DirectDrawEnumerateA

dinput

DirectInputCreateA

dplayx

ord2
ord1
ord4

imm32

ImmAssociateContext
ImmGetContext
ImmReleaseContext
ImmSetOpenStatus

wsock32

WSACleanup
gethostbyname
gethostname
WSAStartup

Sections

BEGTEXT
Size: 1.1MB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 65KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 14.8MB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 66KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.LDGROUP
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

566717a37dc3e2bcf978342241da0ee1

Headers

File Characteristics

Imports

advapi32

ole32

gdi32

user32

winmm

kernel32

qmixer

ddraw

dinput

dplayx

imm32

wsock32

Sections

BEGTEXT Size: 1.1MB - Virtual size:

DGROUP Size: 65KB - Virtual size:

.bss Size: 14.8MB - Virtual size:

.idata Size: 7KB - Virtual size:

.reloc Size: 66KB - Virtual size:

.rsrc Size: 5KB - Virtual size:

.LDGROUP Size: 1.2MB - Virtual size: 1.2MB

BEGTEXT
Size: 1.1MB - Virtual size:

DGROUP
Size: 65KB - Virtual size:

.bss
Size: 14.8MB - Virtual size:

.idata
Size: 7KB - Virtual size:

.reloc
Size: 66KB - Virtual size:

.rsrc
Size: 5KB - Virtual size:

.LDGROUP
Size: 1.2MB - Virtual size: 1.2MB