NEAS[.]889a93e65518fe8fc26b50c19a31a400[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.889a93e65518fe8fc26b50c19a31a400.exe
Size

114KB
MD5

889a93e65518fe8fc26b50c19a31a400
SHA1

606327afe375f2478c3c777c3c9e17fcc15efcca
SHA256

266733086109f8b8ab0a79d303ecc616fb00b9d2325ce4509578a7b8bdcac5b9
SHA512

3df30408914e2f4410bf32961f3c7b9ed2d19a157e982a82e4c909a422d502d2858476dd572e26d7baaa4b80bcacaa36c8eb16328bc24f8d365a694594d6701c
SSDEEP

1536:VyDt1C7A9ySQLYXO0XHK8zY+mQBaezYbTK8mkemd9kRZ38ETJCdH1rcDpF48kL:+tjVQRIzY+Va9/K88seRZ38EYd1Yo8k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.889a93e65518fe8fc26b50c19a31a400.exe

Files

NEAS.889a93e65518fe8fc26b50c19a31a400.exe
.exe windows:5 windows x86

c93fbe0aa70990591095381f3f358c88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
CloseHandle
LCMapStringW
WriteConsoleW
SetStdHandle
FlushFileBuffers
GetCommandLineW
lstrcpyW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
InterlockedDecrement
SetEvent
GetModuleFileNameW
GetCurrentThreadId
GetModuleFileNameA
lstrcmpiW
GetModuleHandleW
GetProcAddress
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetStringTypeW
lstrlenW
LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
HeapAlloc
HeapFree
RtlUnwind
EncodePointer
DecodePointer
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
ExitProcess
WriteFile
GetStdHandle
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
HeapReAlloc
HeapSize
IsProcessorFeaturePresent
Sleep
FreeEnvironmentStringsW

user32

PostThreadMessageW
LoadStringW
CharNextW
CharUpperW
FindWindowA
TranslateMessage
SetTimer
DispatchMessageW
GetMessageW
MessageBoxW

advapi32

ChangeServiceConfig2W
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
RegEnumKeyExW
ControlService
DeleteService
CreateServiceW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
SetServiceStatus
OpenSCManagerW
OpenServiceW
CloseServiceHandle
ChangeServiceConfigW

shell32

ShellExecuteA

ole32

CoInitializeEx
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoAddRefServerProcess
CoUninitialize
CoReleaseServerProcess

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ggvhwsj
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c93fbe0aa70990591095381f3f358c88

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 34KB - Virtual size: 35KB

ggvhwsj Size: - Virtual size: 4KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 34KB - Virtual size: 35KB

ggvhwsj
Size: - Virtual size: 4KB