Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.9924402209be7f8a7376c08ee7fc5b00.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: NEAS.9924402209be7f8a7376c08ee7fc5b00.exe
  Resource: win10v2004-20230915-en
General
Target: NEAS.9924402209be7f8a7376c08ee7fc5b00.exe
Size: 2.0MB
MD5: 9924402209be7f8a7376c08ee7fc5b00
SHA1: d7d14472c85ef353f26e8c1bc4f4b86754f8642c
SHA256: 111096edecbaf4071c1d3b631c5c66855c995f1728c4582941b8f4f6021b2dba
SHA512: efd7e72a8bafbc355bff5aca450d7756ce0dbbe4b6c6b50bc48708ef431cf41333bfbea51ef3accd14164051f1a7e36658f810f996b67408d42e58fec19637a4
SSDEEP: 49152:aKOMv0mYUmosgxkci9chZwzBCH/3LHnDd4dqODU9DXzHXbzTa4IBM:aKOzYmqxkciKhgBCvLHDdsDU9DXzHXb
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: NEAS.9924402209be7f8a7376c08ee7fc5b00.exe
Files
NEAS.9924402209be7f8a7376c08ee7fc5b00.exe.exe windows:5 windows x86
aa3b3c8b32ef21385897d77f9fe29187
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateProcess
GetStartupInfoW
GetStdHandle
IsValidCodePage
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleCP
CreateDirectoryW
GetStringTypeW
GetTimeZoneInformation
OutputDebugStringW
LCMapStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
ExitThread
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
HeapReAlloc
GetCommandLineA
AreFileApisANSI
GetModuleHandleExW
ExitProcess
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetWindowsDirectoryA
GetCPInfo
GetOEMCP
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetACP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EncodePointer
CopyFileA
FormatMessageA
LocalFree
GlobalSize
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
FindFirstFileA
FindClose
MulDiv
LoadLibraryW
GetModuleFileNameW
SetLastError
OutputDebugStringA
ResumeThread
SetThreadPriority
GlobalAddAtomA
GetCurrentProcessId
GetPrivateProfileIntA
GetModuleHandleW
GetModuleHandleA
CompareStringA
WideCharToMultiByte
FindResourceW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExA
GetCurrentThreadId
GetCurrentThread
WaitForMultipleObjects
CreateEventA
SetEvent
SetFileAttributesA
SetFileTime
GetFileSize
SetFilePointer
ReadFile
GetModuleFileNameA
FlushFileBuffers
WriteFile
CreateFileA
EnterCriticalSection
InitializeCriticalSection
WaitForSingleObject
FreeResource
CreateThread
DeleteFileA
LockResource
WritePrivateProfileStringA
LoadLibraryA
GetLocalTime
GetPrivateProfileStringA
GlobalFree
GetProcAddress
GlobalUnlock
MultiByteToWideChar
CreateProcessA
LeaveCriticalSection
SizeofResource
Sleep
GlobalAlloc
GetTickCount
GlobalLock
LoadResource
FreeLibrary
FindResourceA
CloseHandle
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
SetCurrentDirectoryA
CreateDirectoryA
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
lstrlenA
GetFileAttributesExW
user32
SubtractRect
CreateMenu
DestroyCursor
GetWindowRgn
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
MonitorFromPoint
IsMenu
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
LockWindowUpdate
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
DrawFocusRect
PostThreadMessageA
SetParent
GetSystemMenu
UnionRect
MapVirtualKeyA
GetKeyNameTextA
GetMenuDefaultItem
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
LoadImageA
SetRectEmpty
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuItemInfoA
DestroyMenu
InflateRect
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
OffsetRect
CharNextA
DestroyIcon
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
InvalidateRect
SystemParametersInfoA
CopyImage
LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
GetUpdateRect
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassNameA
GetClassLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
UnhookWindowsHookEx
CharUpperA
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
FrameRect
CharUpperBuffA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongA
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxA
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
LoadBitmapW
GetParent
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
UpdateLayeredWindow
SetTimer
GetWindowRect
IsIconic
KillTimer
DrawTextA
DrawIcon
GetClientRect
GrayStringA
SendMessageA
DrawTextExA
LoadIconW
SetWindowLongA
GetWindowLongA
TabbedTextOutA
PostMessageA
GetSystemMetrics
EnableWindow
UnregisterClassA
DeleteMenu
gdi32
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileA
CreateDCA
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
GetMapMode
PatBlt
DPtoLP
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
MoveToEx
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
SetROP2
SetPolyFillMode
GetLayout
GetObjectA
SetTextAlign
Ellipse
TextOutA
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetDeviceCaps
GetClipBox
ExcludeClipRect
DeleteDC
CreateSolidBrush
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
DeleteObject
SetRectRgn
CombineRgn
CreateRectRgn
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
PtVisible
Escape
RectVisible
GetStockObject
ExtTextOutA
SetTextColor
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetDesktopFolder
SHAppBarMessage
SHGetSpecialFolderLocation
ShellExecuteA
shlwapi
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
PathIsDirectoryA
StrFormatKBSizeA
uxtheme
DrawThemeParentBackground
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
GetThemeColor
IsAppThemed
OpenThemeData
CloseThemeData
GetThemePartSize
ole32
CreateStreamOnHGlobal
CoCreateInstance
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoInitialize
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoTaskMemFree
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
OleDuplicateData
ReleaseStgMedium
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoInitializeEx
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoRevokeClassObject
OleGetClipboard
IsAccelerator
OleLockRunning
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoUninitialize
oleaut32
SysAllocStringLen
LoadTypeLi
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysFreeString
SafeArrayDestroy
gdiplus
GdiplusShutdown
GdipSetInterpolationMode
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipCreateBitmapFromHBITMAP
GdipGetImageWidth
GdipCloneImage
GdipCreateFromHDC
GdipCreateFontFamilyFromName
GdipTranslateWorldTransform
GdipDrawString
GdipResetWorldTransform
GdipRotateWorldTransform
GdipCreateFont
GdipDisposeImage
GdipAlloc
GdipCreateSolidFill
GdipDeleteFontFamily
GdipSetSmoothingMode
GdipDrawImageRectI
GdipDeleteGraphics
GdipDeleteFont
GdipSetTextRenderingHint
GdipGetImageHeight
GdipCloneBrush
GdipFree
GdipDeleteBrush
GdipLoadImageFromStream
GdiplusStartup
oledlg
ord8
ws2_32
WSAGetLastError
setsockopt
WSACleanup
connect
htons
recv
socket
closesocket
gethostbyname
send
WSAStartup
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 334KB - Virtual size: 334KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 166KB - Virtual size: 165KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 121KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ