NEAS[.]973816c1b498dbfc9a8bb632911780e0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.973816c1b498dbfc9a8bb632911780e0.exe
Size

389KB
MD5

973816c1b498dbfc9a8bb632911780e0
SHA1

00f20360888e54ea1e802f651c85d7d00cf8b0ca
SHA256

1195d1e694fb972a1bd68fa19f1a2d07851e37e3075e2403b0b31d8360502755
SHA512

a2cc42c9fdc7d7d1a71f39081e2f7632079db4def280d0b11d86487a2b445764235023efc1049bbd85856084c316de121fc4e64d3104f5d6f79ad183ba47d3ec
SSDEEP

6144:WLLI+6fFdNplG732kSsuLYkgc5rG2uWMd8RhEJcSTV3qH8yHuAOPBg:a6fFdNp83NXK5a2ut8Q9ccEuFy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.973816c1b498dbfc9a8bb632911780e0.exe

Files

NEAS.973816c1b498dbfc9a8bb632911780e0.exe
.exe windows:5 windows x86

12d136c8af2fad6e6f2184de4a4ba8b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

joyGetNumDevs
joyGetPosEx
joyGetDevCapsA
timeGetTime

dsound

ord1

imm32

ImmAssociateContext

avifil32

AVIFileInit
AVIFileOpenA
AVIFileCreateStreamA
AVIFileExit
AVIStreamRelease
AVISaveOptions
AVIStreamSetFormat
AVISaveOptionsFree
AVIMakeCompressedStream
AVIFileRelease
AVIStreamWrite

kernel32

GetCurrentProcess
Sleep
GetLongPathNameA
GetModuleHandleA
GetLocalTime
AllocConsole
SetConsoleTextAttribute
WaitForSingleObject
SetConsoleScreenBufferSize
GetConsoleCP
ReadConsoleInputA
FreeConsole
GetConsoleWindow
SetConsoleTitleA
GetStdHandle
WriteConsoleA
CloseHandle
GlobalLock
GlobalUnlock
CreateFileA
WriteFile
GlobalAlloc
GlobalFree
GetSystemInfo
FreeLibrary
GetProcAddress
LoadLibraryA
SetFilePointer
SetEndOfFile
ReadFile
GetLastError
WriteConsoleW
GetConsoleOutputCP
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
SetPriorityClass
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
LCMapStringW
LCMapStringA
GetConsoleMode
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
GetFileType
SetHandleCount
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
FlushFileBuffers
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
ExitProcess
DeleteFileA
GetFileAttributesA
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetFullPathNameA
GetProcessHeap
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetCommandLineA
CreateThread
GetCurrentThreadId
HeapSize
HeapFree
HeapAlloc
ExitThread

user32

SetRect
MessageBoxA
InvalidateRect
ClientToScreen
CloseClipboard
ScreenToClient
ShowCursor
GetClipboardData
GetCursorPos
OpenClipboard
GetSystemMenu
GetAsyncKeyState
RemoveMenu
EndPaint
GetMessageA
IsMenu
PostQuitMessage
DeleteMenu
LoadMenuA
LoadIconA
EnumDisplaySettingsA
GetClientRect
SendMessageA
BeginPaint
GetDC
TranslateMessage
GetWindowPlacement
CheckMenuRadioItem
SetWindowLongA
SetCursorPos
GetWindowLongA
CreateWindowExA
PeekMessageA
ReleaseDC
EnableMenuItem
TranslateAcceleratorA
DefWindowProcA
SetWindowPos
LoadAcceleratorsA
ShowWindow
SetMenu
DrawMenuBar
AppendMenuA
PostMessageA
DispatchMessageA
InsertMenuA
SetWindowTextA
UpdateWindow
AdjustWindowRect
DestroyMenu
SetMenuItemInfoA
ChangeDisplaySettingsA
CheckMenuItem
RegisterClassA
DestroyWindow

gdi32

GetDeviceCaps
BitBlt
DeleteDC
CreateDIBSection
StretchBlt
DeleteObject
SelectObject
CreateCompatibleDC
SetStretchBltMode
SetPixelV
GetStockObject

comdlg32

GetOpenFileNameA

shell32

DragAcceptFiles
DragFinish
DragQueryFileA

d3d9

Direct3DCreate9

Sections

.text
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12d136c8af2fad6e6f2184de4a4ba8b8

Headers

DLL Characteristics

File Characteristics

Imports

winmm

dsound

imm32

avifil32

kernel32

user32

gdi32

comdlg32

shell32

d3d9

Sections

.text Size: 279KB - Virtual size: 278KB

.rdata Size: 95KB - Virtual size: 94KB

.data Size: 8KB - Virtual size: 1.6MB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 279KB - Virtual size: 278KB

.rdata
Size: 95KB - Virtual size: 94KB

.data
Size: 8KB - Virtual size: 1.6MB

.rsrc
Size: 6KB - Virtual size: 6KB