NEAS[.]e90b373887b3c6aa12c3afd29f173de0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e90b373887b3c6aa12c3afd29f173de0.exe
Size

905KB
MD5

e90b373887b3c6aa12c3afd29f173de0
SHA1

325e85e3849329e55897bb940e0c4f88f6b9b041
SHA256

a2a03ccdfdbee765f57533bdaa5af4c5b1550bf76f5aaac178ed70132384a327
SHA512

426784cddaa68c5f459ce6f9a5e39ddaa4df543a98f93f6b65d4eb8f0c4372262978c3009e7fd58cde886e2dbdc73a6e33ac30a5581d294cdc2396555aa94b44
SSDEEP

12288:xezs/mL+F0vrYyte3EXpDlEhnSjrP78/FWtEHAvTkOP0ARUA:x07Lc0cycmUS3T8/FWtXLBcAh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e90b373887b3c6aa12c3afd29f173de0.exe

Files

NEAS.e90b373887b3c6aa12c3afd29f173de0.exe
.exe windows:4 windows x86

45b5c71f8a82973e1ef6701dc51ca938

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerSetControlDetails
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerClose
mixerGetNumDevs
mixerGetID
mixerGetDevCapsA
mixerOpen
waveInUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutUnprepareHeader
waveInStop
waveInStart
waveOutRestart
waveOutPause
waveInAddBuffer
waveInPrepareHeader
waveInReset
waveOutReset
waveInClose
waveOutClose
waveInGetNumDevs
waveInGetDevCapsA
waveOutGetNumDevs
waveInOpen
waveOutOpen
waveOutGetID
waveOutGetDevCapsA

comctl32

ord17

kernel32

GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetACP
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetFileType
GetOEMCP
CreateThread
CreateEventA
GetProcAddress
lstrcpyA
lstrlenA
InterlockedExchange
MultiByteToWideChar
EnterCriticalSection
WaitForMultipleObjects
LocalFree
LocalSize
LocalAlloc
CloseHandle
Sleep
DeleteCriticalSection
FreeLibrary
InitializeCriticalSection
LoadLibraryA
ReleaseMutex
lstrcmpA
WaitForSingleObject
GetLastError
CreateMutexA
SetEvent
LockResource
SizeofResource
LoadResource
FindResourceA
GetVersionExA
lstrcmpiA
DeviceIoControl
CreateFileA
HeapAlloc
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
LeaveCriticalSection
HeapFree

user32

GetWindow
GetDesktopWindow
InvalidateRect
DialogBoxParamA
DestroyWindow
EndPaint
BeginPaint
EndDialog
EnableWindow
GetClassNameA
CreateDialogParamA
PostQuitMessage
CharUpperA
IsDialogMessageA
TranslateMessage
DispatchMessageA
wsprintfA
SetWindowTextA
GetDlgItem
LoadIconA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
PostMessageA
DefWindowProcA
KillTimer
SetTimer
GetCursor
LoadCursorA
SetCursor
SendMessageA
MessageBoxA
GetMessageA

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45b5c71f8a82973e1ef6701dc51ca938

Headers

File Characteristics

Imports

winmm

comctl32

kernel32

user32

advapi32

setupapi

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 12KB - Virtual size: 10KB