NEAS[.]ad2e93021c0985ffe69f9d9a6694a370[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.ad2e93021c0985ffe69f9d9a6694a370.exe
Size

149KB
MD5

ad2e93021c0985ffe69f9d9a6694a370
SHA1

d2a8ac657f54c27592be17d4dc16465074d08901
SHA256

1bcf08172305c62fcddb5ee8ca8835ebc9eb06254f8dfc7f797f5dea4e4ebab2
SHA512

878cd7d92db3dd23c1b6113b18e8d59b99ab40e5380ea6529597bd59dfd8b90b2c1ea7b83a2cd883644fb04ca7a11e6d5ca46248bae2f9045761703857a0f42f
SSDEEP

3072:urr69GV+RPKSmY2GjBGIBSUuo1dF21AEtrB2CyUzWxJTB/opnU:er691r92WBDSnTtrLzwBKU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ad2e93021c0985ffe69f9d9a6694a370.exe

Files

NEAS.ad2e93021c0985ffe69f9d9a6694a370.exe
.exe windows:4 windows x86

87f7643a98bee50301e1040ba1c3186e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_lseeki64
malloc
__getmainargs
_errno
__dllonexit
sscanf
_wcslwr
tolower
towupper
_strdup
_CIacos
bsearch
_onexit
memset
_beginthreadex
_ltoa
_wtoi
fseek
_wfopen
_wtol
printf
qsort
wcscpy
fread
time

user32

BeginPaint
MessageBeep
DialogBoxParamW
RegisterClassA
CheckRadioButton
IsDlgButtonChecked
SendDlgItemMessageW
LoadIconA
UnregisterClassW
SetWindowTextW
GetWindowTextLengthW
DrawFocusRect
PeekMessageA
GetDlgCtrlID
GetWindowRect
EndPaint
CharNextA
InflateRect
CharLowerW
wsprintfW
InsertMenuA
OffsetRect
RegisterWindowMessageW
DialogBoxParamA
wsprintfA
MessageBoxW
CreateWindowExA
CheckDlgButton
GetAsyncKeyState
ScreenToClient
SetWindowLongA
GetMessageA
CallWindowProcW
GetSystemMetrics
SetWindowTextA
GetDlgItemTextA
RegisterClassW
TrackPopupMenu
IntersectRect
MsgWaitForMultipleObjects
GetWindowPlacement
GetWindowTextW
ShowWindow
ClientToScreen
LoadBitmapA
LoadIconW
IsIconic

kernel32

HeapFree
GetCommandLineW
GetFileSize
GetSystemDirectoryA
QueryPerformanceCounter
GetCurrentThreadId
FindFirstFileA
IsDebuggerPresent
GetCurrentProcess
GetCPInfo
GetThreadLocale
CompareStringA
TlsAlloc
CreateProcessA
GetVersion
FlushFileBuffers
TlsFree
VirtualAlloc
SystemTimeToFileTime
GlobalLock
CloseHandle
GetLastError
LCMapStringA
GetExitCodeThread
GetComputerNameW
GetCommandLineA
GetDriveTypeW
Sleep
GetACP
OpenMutexA
OutputDebugStringA
HeapReAlloc
SetFileAttributesW
GetWindowsDirectoryA
LeaveCriticalSection
HeapCreate
lstrcpyA
SetLastError
GetVersionExA
GlobalAlloc
SetUnhandledExceptionFilter
FindResourceA
ExitProcess
GetOEMCP
OpenEventW
WideCharToMultiByte
lstrcmpiA
lstrlenA
GetEnvironmentStrings
GetStdHandle
GetFileAttributesW
GetTempPathA
ResumeThread
GetUserDefaultLCID
GetModuleFileNameA
WriteConsoleW
GetSystemTimeAsFileTime

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 1024B - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textbss
Size: 512B - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87f7643a98bee50301e1040ba1c3186e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

kernel32

Sections

.text Size: 145KB - Virtual size: 145KB

.tls Size: 512B - Virtual size: 50KB

BSS Size: 1024B - Virtual size: 51KB

.textbss Size: 512B - Virtual size: 50KB

.rsrc Size: 512B - Virtual size: 492B

.text
Size: 145KB - Virtual size: 145KB

.tls
Size: 512B - Virtual size: 50KB

BSS
Size: 1024B - Virtual size: 51KB

.textbss
Size: 512B - Virtual size: 50KB

.rsrc
Size: 512B - Virtual size: 492B