NEAS[.]d5b982acaee360297a654c81ee1169f0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d5b982acaee360297a654c81ee1169f0.exe
Size

393KB
MD5

d5b982acaee360297a654c81ee1169f0
SHA1

8b60b188c2678dfe5ad2f79122fb3005f5ce5017
SHA256

8430ccd00a84c03b06e5c3715b0158793de0a500bd2091b97fe7eff9e5e88f06
SHA512

f1eab93bacb08bf8e05b09031878a39d16b0eec731d660772f4b2a59fa1feb73370dfd71c99eacf6955c1e5693f60717187b15968ac712f1f6b5cc32f57ec29c
SSDEEP

6144:U5Ag02BpCQnvQjM6zS8Dg4iEvwsfuuCgACTHYeVlb6:690KpCqQ46z7Dg4iSvfuurACT4eV96

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d5b982acaee360297a654c81ee1169f0.exe

Files

NEAS.d5b982acaee360297a654c81ee1169f0.exe
.exe windows:4 windows x86

4429b4ae94a7baa498f6d5ade29e0932

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA

kernel32

RaiseException
CreateFileA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
FlushFileBuffers
SetStdHandle
GetFileType
SetHandleCount
GetEnvironmentStringsW
LoadLibraryA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GlobalHandle
GlobalUnlock
GlobalFree
RtlUnwind
FindResourceA
LoadResource
LockResource
FreeResource
GlobalAlloc
GlobalLock
SetEndOfFile
WideCharToMultiByte
SetFilePointer
GetCPInfo
HeapFree
GetLastError
DeleteFileA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ReadFile
CloseHandle
HeapAlloc
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
GetFileAttributesA
GetACP
GetOEMCP

user32

DispatchMessageA
CreateWindowExA
EnableWindow
CreateDialogParamA
SetRect
SetWindowPos
DestroyCursor
LoadIconA
RegisterClassA
GetCursorPos
PtInRect
DestroyWindow
PostQuitMessage
DefWindowProcA
InvalidateRect
SetTimer
WaitMessage
GetMessageA
TranslateMessage
KillTimer
GetDC
PostMessageA
MessageBoxA
LoadCursorA
GetDesktopWindow
GetWindowRect
SetCursor
ShowWindow
UpdateWindow
SetRectEmpty
OffsetRect
UnionRect
BeginPaint
IsRectEmpty
CopyRect
GetClientRect
EndPaint
ReleaseDC

gdi32

Escape
StartDocA
StartPage
SetViewportOrgEx
EndPage
EndDoc
StretchDIBits
CreateDCA
CreatePalette
CreateSolidBrush
GetDeviceCaps
GetStockObject
Rectangle
CreateCompatibleBitmap
GetBkColor
GetTextColor
CreateBitmap
SetBkColor
SetTextColor
DeleteObject
CreateCompatibleDC
SelectPalette
RealizePalette
SelectObject
BitBlt
DeleteDC

comdlg32

PrintDlgA

Exports

Exports

?PrintingDlgProc@@YGHPAUHWND__@@IIJ@Z

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4429b4ae94a7baa498f6d5ade29e0932

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 88KB - Virtual size: 85KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 88KB - Virtual size: 85KB