Static task: static1
Behavioral task: behavioral1
Sample: NEAS.8bbe2d3844bd3ba13be4bef542292020.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: NEAS.8bbe2d3844bd3ba13be4bef542292020.exe
Resource: win10v2004-20230915-en
General
Target: NEAS.8bbe2d3844bd3ba13be4bef542292020.exe
Size: 972KB
MD5: 8bbe2d3844bd3ba13be4bef542292020
SHA1: f2bde32ac9b59a114af2288be3f99eba08d70769
SHA256: a99cf4aa7c187e6c6b21d7d1dfe47e210669f45c13f572b0d1cbf2869016a3a0
SHA512: e956d3b3e58214f3dd780c66e3664c642f05620674719c4b1b46e1942b64864f12708fe575173bae4675895d868f05da88fdd5bd4ff281c9bbf15f5b23e34a50
SSDEEP: 12288:N617HtSVlNNE5pLG9nYL97f1jF/8EYc5sHBttJVwrI:c17HtS2yYL97NjFtWttkrI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.8bbe2d3844bd3ba13be4bef542292020.exe
Files
NEAS.8bbe2d3844bd3ba13be4bef542292020.exe.exe windows:4 windows x86
d0e7bcb58c37a74b6192cdc1d3fb8c01
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalSize
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapAlloc
HeapFree
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
FindNextFileA
GetTickCount
RtlUnwind
TerminateProcess
GetACP
HeapSize
FatalAppExitA
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
CreateThread
ExitThread
HeapDestroy
FindResourceExA
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetShortPathNameA
lstrlenW
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
GetProfileStringA
GetTempPathA
GetSystemInfo
GetDiskFreeSpaceA
GlobalMemoryStatus
RemoveDirectoryA
SetLastError
GetLastError
DeleteFileA
SetFileAttributesA
WriteFile
ReadFile
CopyFileA
CreateFileA
GetVersionExA
SystemTimeToFileTime
FindClose
FindFirstFileA
GetFileAttributesA
GetDriveTypeA
CreateDirectoryA
lstrcatA
lstrcpyA
SetCurrentDirectoryA
GetVolumeInformationA
GetStringTypeExA
GetFullPathNameA
UnlockFile
MoveFileA
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
SetErrorMode
GetCurrentProcess
DuplicateHandle
GetOEMCP
GetThreadLocale
GetCurrentDirectoryA
TlsGetValue
GetCPInfo
GetProcessVersion
EnterCriticalSection
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
GlobalFlags
InitializeCriticalSection
LocalAlloc
SetFileTime
VirtualProtect
MulDiv
GetFileSize
LocalFileTimeToFileTime
GetFileTime
LocalFree
FileTimeToLocalFileTime
FileTimeToSystemTime
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentThread
GlobalAlloc
lstrcmpA
SetThreadPriority
CreateEventA
SuspendThread
WaitForSingleObject
ResumeThread
SetEvent
InterlockedIncrement
lstrcpynA
InterlockedDecrement
lstrcmpiA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GlobalLock
GetModuleHandleA
GetProcAddress
LockResource
GlobalUnlock
GlobalFree
GetLocaleInfoA
WideCharToMultiByte
MultiByteToWideChar
GetVersion
GetUserDefaultLangID
GetSystemDefaultLangID
LoadLibraryA
WinExec
GetWindowsDirectoryA
SizeofResource
FormatMessageA
FindResourceA
GetModuleFileNameA
LoadResource
FreeLibrary
Sleep
CloseHandle
GetStringTypeA
GetFileType
GetEnvironmentVariableA
HeapCreate
lstrlenA
user32
AppendMenuA
RemoveMenu
PostThreadMessageA
DestroyIcon
RegisterClipboardFormatA
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetTopWindow
GetCapture
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
TrackPopupMenu
SetWindowPlacement
ReuseDDElParam
BringWindowToTop
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnpackDDElParam
SetMenu
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetNextDlgGroupItem
CharNextA
SetForegroundWindow
RegisterWindowMessageA
IntersectRect
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
LoadStringA
CopyAcceleratorTableA
GetWindow
GetClassNameA
GetMenuItemID
ModifyMenuA
GetMenuStringA
GetMenuItemCount
GetSubMenu
CopyIcon
GetParent
InflateRect
SetWindowLongA
SetCursor
PtInRect
RedrawWindow
MessageBeep
DestroyCursor
GetWindowTextLengthA
GetWindowTextA
LoadMenuA
WinHelpA
GetKeyState
PostMessageA
SendMessageA
ScreenToClient
IsChild
ReleaseCapture
GetSysColor
GetClientRect
GetDC
SystemParametersInfoA
SetRect
ReleaseDC
AdjustWindowRect
OffsetRect
InvalidateRect
SetCapture
GetSysColorBrush
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
CharUpperA
UnhookWindowsHookEx
GetPropA
GetWindowLongA
GetDesktopWindow
GetSystemMetrics
SetWindowPos
GetFocus
LoadCursorA
GetWindowRect
IsWindowEnabled
IsWindow
SetFocus
EnableWindow
MessageBoxA
DeleteMenu
InsertMenuA
GetWindowThreadProcessId
WaitMessage
GetDialogBaseUnits
DestroyMenu
WindowFromPoint
GetAsyncKeyState
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
wvsprintfA
OemToCharA
CharToOemA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
EnableMenuItem
SetMenuItemBitmaps
CheckMenuItem
GetLastActivePopup
ShowWindow
GetForegroundWindow
SetScrollPos
GetScrollPos
ScrollWindowEx
ExcludeUpdateRgn
DrawFocusRect
IsWindowUnicode
UnregisterClassA
HideCaret
ShowCaret
DefDlgProcA
gdi32
GetStockObject
GetClipBox
SetTextColor
GetDCOrgEx
CreateBitmap
DeleteDC
SetBkColor
SaveDC
RestoreDC
StartDocA
SelectPalette
SetBkMode
SelectObject
SetROP2
SetStretchBltMode
SetPolyFillMode
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
CreateFontA
OffsetWindowOrgEx
ScaleWindowExtEx
SelectClipRgn
GetTextExtentPoint32A
IntersectClipRect
OffsetClipRgn
ExcludeClipRect
LineTo
SetTextAlign
MoveToEx
SetTextCharacterExtra
SetMapperFlags
SetTextJustification
ArcTo
SetArcDirection
GetCurrentPositionEx
PolylineTo
SetColorAdjustment
PolyDraw
DeleteObject
GetClipRgn
PolyBezierTo
SelectClipPath
ExtSelectClipRgn
CreateRectRgn
GetObjectType
EnumMetaFile
PlayMetaFileRecord
GetDeviceCaps
GetViewportExtEx
PlayMetaFile
CreatePen
ExtCreatePen
GetWindowExtEx
CreateHatchBrush
CreatePatternBrush
CreateSolidBrush
PtVisible
RectVisible
CreateDIBPatternBrushPt
ExtTextOutA
Escape
TextOutA
PatBlt
SetRectRgn
GetMapMode
CreateRectRgnIndirect
DPtoLP
CombineRgn
GetTextColor
GetBkColor
GetTextMetricsA
EnumFontFamiliesExA
CopyMetaFileA
LPtoDP
CreateDIBitmap
CreateDCA
BitBlt
GetTextExtentPointA
CreateCompatibleDC
GetTextFaceA
GetObjectA
CreateFontIndirectA
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueA
RegEnumKeyA
RegCreateKeyA
shell32
ExtractIconA
DragQueryFileA
DragFinish
DragAcceptFiles
ShellExecuteA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHGetFileInfoA
comctl32
ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
oledlg
ord8
ole32
OleUninitialize
CreateBindCtx
CoDisconnectObject
OleRun
CoCreateInstance
CoFreeUnusedLibraries
OleDuplicateData
OleInitialize
CoTaskMemFree
StgCreateDocfileOnILockBytes
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
SetConvertStg
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
ReadClassStg
StringFromCLSID
CoTreatAsClass
ReleaseStgMedium
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
CoTaskMemAlloc
CreateILockBytesOnHGlobal
olepro32
ord253
oleaut32
VariantCopy
SysReAllocStringLen
VariantChangeType
VariantClear
SysAllocStringLen
VariantTimeToSystemTime
VarBstrFromDate
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
SysStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
SysFreeString
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysStringLen
LoadTypeLi
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
.text Size: 684KB - Virtual size: 680KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 104KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 842KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 44KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ