NEAS[.]c70d8296c5ddc668d406c93ef8b805b0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.c70d8296c5ddc668d406c93ef8b805b0.exe
Size

481KB
MD5

c70d8296c5ddc668d406c93ef8b805b0
SHA1

79d05e2313b20022db3a233eb67c925107df8718
SHA256

5eb322755a7702a9dd5f1b20aa199746a0c35ebdac671b565223269c46a99a95
SHA512

a6d3f88a74839f12b32fce80e9a96918c19d6df31f7362cfdd85ee4b3b790b26caf43fcf89f45015949b1e0fa69ddb46f77c44448bcd63d4a00ac168ab8125ee
SSDEEP

6144:pEnB/as2qIlv0u2n/j0EOiyZpfPPFhEN9lq+DIJMa5l010IfyX9KWF+ygTj1:6nBay85PnEWLUfyX0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c70d8296c5ddc668d406c93ef8b805b0.exe

Files

NEAS.c70d8296c5ddc668d406c93ef8b805b0.exe
.exe windows:4 windows x86

8a2595364a5dfe61a7fd611ddc14cd57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
EqualSid

comctl32

CreateToolbarEx
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
InitCommonControls

gdi32

GetTextMetricsA
CreateCompatibleDC
SelectObject
CreateSolidBrush
TextOutA
BitBlt
SetTextColor
SetBkMode
GetStockObject
CreateFontIndirectA
DeleteObject
CreateCompatibleBitmap
DeleteDC

kernel32

Sleep
GlobalLock
lstrcpy
OutputDebugStringA
GetProcAddress
LoadLibraryA
FreeLibrary
CompareStringA
lstrlen
GlobalUnlock
WritePrivateProfileStructA
GetModuleHandleA
lstrcat
lstrcpyn
GetPrivateProfileStructA
ReadFile
SetFilePointer
SetEndOfFile
MultiByteToWideChar
WideCharToMultiByte
FlushFileBuffers
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
CreateThread
VirtualProtect
InitializeCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
LockResource
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
ExitProcess
VirtualQuery
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
HeapAlloc
HeapReAlloc
HeapFree
GetVersionExA
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
FindFirstFileA
FindNextFileA
GetTickCount
FindClose
GlobalAlloc
ReadProcessMemory
GetTempPathA
GlobalFree
MulDiv
GetModuleFileNameA
GetCurrentThread
GetLastError
GetCurrentProcess
OpenProcess
TerminateProcess
WaitForSingleObject
TerminateThread
GetFileAttributesA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileA
CloseHandle
WriteFile
GetSystemInfo

shell32

Shell_NotifyIcon
DragFinish
DragQueryFile
ShellExecuteA
DragAcceptFiles
SHBrowseForFolder
SHGetPathFromIDList
SHGetFileInfo

user32

GetClientRect
ScreenToClient
LoadBitmapA
LoadAcceleratorsA
GetMessageA
TranslateAccelerator
wsprintfA
DispatchMessageA
DefWindowProcA
CheckRadioButton
GetScrollInfo
IsClipboardFormatAvailable
GetClipboardData
GetWindowTextLengthA
CreateWindowExA
GetSystemMetrics
RegisterClassA
GetParent
GetDlgCtrlID
GetClassInfoA
EnumClipboardFormats
TranslateMessage
CheckDlgButton
SetFocus
GetScrollPos
SetScrollPos
SetScrollRange
GetClassLongA
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
RegisterClipboardFormatA
AppendMenuA
GetAsyncKeyState
IsZoomed
IsIconic
PostQuitMessage
IsWindowEnabled
MessageBoxIndirectA
wvsprintfA
InvalidateRect
GetDC
ReleaseDC
BeginPaint
FillRect
EndPaint
UpdateWindow
DestroyMenu
FindWindowA
SetForegroundWindow
SetWindowPos
TrackPopupMenu
PostMessageA
SetWindowLongA
ShowWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DialogBoxParamA
GetCursorPos
TrackPopupMenuEx
LoadIconA
CreatePopupMenu
InsertMenuA
GetDlgItemTextA
IsDlgButtonChecked
CallWindowProcA
MessageBeep
GetSysColorBrush
SetDlgItemTextA
LoadCursorA
SetClassLongA
EndDialog
EnableWindow
SetWindowTextA
SendDlgItemMessageA
SendMessageA
MessageBoxA
MoveWindow
GetDlgItem
GetWindowRect
CreateCaret

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 432KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a2595364a5dfe61a7fd611ddc14cd57

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

shell32

user32

comdlg32

Sections

.text Size: 432KB - Virtual size: 496KB

.idata Size: 5KB - Virtual size: 8KB

.rsrc Size: 42KB - Virtual size: 42KB

.text
Size: 432KB - Virtual size: 496KB

.idata
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 42KB - Virtual size: 42KB