NEAS[.]fcc89b41ac05a47c44bfe9df9d3c7520[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.fcc89b41ac05a47c44bfe9df9d3c7520.exe
Size

216KB
MD5

fcc89b41ac05a47c44bfe9df9d3c7520
SHA1

cbb47f5c8d5e54f5aa5366f9d4103209fac37c32
SHA256

28f899907e7083006b2829fc1b99565ca4e1941962e2fc0176ac416d24c75ffd
SHA512

55c1890cf6cbd68b018b581a733e0a6412c91df58475324e29e39394154893925803a9d56c4ea21e6546e819b75831154c53aa4ece64ff0aaba93ff590a86ad2
SSDEEP

3072:yUxxO9ITyd3nRi8fTdwxD5xNVT8bJLWjDRPOGMde+o4iM/kMwGS8bvZh9tdp:y8xOSTtQTixDTz8IDpAkMlL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.fcc89b41ac05a47c44bfe9df9d3c7520.exe

Files

NEAS.fcc89b41ac05a47c44bfe9df9d3c7520.exe
.dll windows:5 windows x64

f2b01dd7b057d9e719b5345ac2a3de06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
WaitForSingleObject
TerminateThread
CreateDirectoryW
WriteFile
MultiByteToWideChar
SetEvent
ResetEvent
CreateEventW
RaiseException
InitializeCriticalSectionAndSpinCount
DecodePointer
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetFileSizeEx
SetLastError
GetExitCodeThread
SetFilePointerEx
GetCurrentProcessId
GetCurrentProcess
GetSystemInfo
SetUnhandledExceptionFilter
Sleep
ExitProcess
lstrlenW
lstrcmpiW
lstrcpyW
GetUserDefaultLangID
DisableThreadLibraryCalls
FlushFileBuffers
WriteConsoleW
SetStdHandle
OutputDebugStringW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetFilePointer
ReadFile
EnterCriticalSection
CloseHandle
CreateFileW
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
DeleteFileW
GetTempPathW
GetModuleFileNameW
GetLastError
LeaveCriticalSection
CreateEventA
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
RtlUnwindEx
GetModuleHandleExW
GetTimeZoneInformation
RtlPcToFileHeader
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
LoadLibraryExW
ExitThread
CreateThread
EncodePointer
GetSystemTimeAsFileTime
SetEnvironmentVariableA

user32

PostMessageW
GetWindowTextW
DefWindowProcW
BeginPaint
GetWindowRect
wsprintfW
MessageBoxW
IsWindowVisible
GetClassLongPtrW
LoadIconW
SetClassLongPtrW
SetWindowTextA
IsProcessDPIAware
GetDC
SetWindowTextW
GetDlgCtrlID
GetWindow
EndDialog
DialogBoxParamW
SendMessageW
GetDlgItem
InvalidateRect
ShowWindow
MoveWindow
ReleaseDC

gdi32

CreateFontW
GetDeviceCaps
LineTo
MoveToEx
SelectObject
CreateSolidBrush
SetTextColor
CreatePen

shell32

SHGetFileInfoW
ShellExecuteW

ole32

CoUninitialize

shlwapi

PathRemoveFileSpecW

winhttp

WinHttpReadData
WinHttpOpenRequest
WinHttpCrackUrl
WinHttpOpen
WinHttpSetTimeouts
WinHttpConnect
WinHttpCloseHandle
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpWriteData
WinHttpQueryAuthSchemes

dbghelp

MiniDumpWriteDump

Exports

Exports

Finalization
GetAppInfo
GetLibVersion
Init
ResLanguage
SetAppInfo

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2b01dd7b057d9e719b5345ac2a3de06

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

shlwapi

winhttp

dbghelp

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 8KB - Virtual size: 82KB

.pdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 8KB - Virtual size: 82KB

.pdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB