NEAS[.]f91bcaa409e2ccf1fc63663760b97bc0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.f91bcaa409e2ccf1fc63663760b97bc0.exe
Size

263KB
MD5

f91bcaa409e2ccf1fc63663760b97bc0
SHA1

7f091b0558a25bc1b51363b11525aaffc8692166
SHA256

893ef2b1e17fb75e81428ee9739b67ad38646975e1686bbb17c38ecee286bc95
SHA512

ff753ce3cb8835559f62420b781eb0746c5d68c883805d814b42c075937bd39730f32f26f11333efbffd58bddd551f859ce16cf43cfda4bd2c4e67f160b2c673
SSDEEP

3072:dkD2fjnrUgBD5P/Di7jo6uxCwkbCpV+J9ks+Xe5MOKV/YYsxCkQaGvp9IW5QkwOU:dkiLnAu/uf6aCpVkk8MOKVoskQaGx9n2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f91bcaa409e2ccf1fc63663760b97bc0.exe

Files

NEAS.f91bcaa409e2ccf1fc63663760b97bc0.exe
.dll windows:5 windows x86

c3cf501b96acd14d4b4d65971bb8fce7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

qtcore4

?changeGuard@QMetaObject@@SAXPAPAVQObject@@PAV2@@Z
?removeGuard@QMetaObject@@SAXPAPAVQObject@@@Z
??1QTextCodecPlugin@@UAE@XZ
?create@QTextCodecPlugin@@EAEPAVQTextCodec@@ABVQString@@@Z
?keys@QTextCodecPlugin@@EBE?AVQStringList@@XZ
?disconnectNotify@QObject@@MAEXPBD@Z
?connectNotify@QObject@@MAEXPBD@Z
?append@QString@@QAEAAV1@VQChar@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?qt_metacall@QTextCodecPlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QTextCodecPlugin@@UAEPAXPBD@Z
?metaObject@QTextCodecPlugin@@UBEPBUQMetaObject@@XZ
??0QTextCodecPlugin@@QAE@PAVQObject@@@Z
?qgetenv@@YA?AVQByteArray@@PBD@Z
?isNull@QByteArray@@QBE_NXZ
?qstricmp@@YAHPBD0@Z
?indexOf@QByteArray@@QBEHDH@Z
?mid@QByteArray@@QBE?AV1@HH@Z
?trimmed@QByteArray@@QBE?AV1@XZ
??4QByteArray@@QAEAAV0@ABV0@@Z
?append@QListData@@QAEPAPAXXZ
?detach@QListData@@QAEPAUData@1@H@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?append@QByteArray@@QAEAAV1@PBD@Z
?append@QByteArray@@QAEAAV1@D@Z
?shared_null@QString@@0UData@1@A
??YQString@@QAEAAV0@VQChar@@@Z
??0QChar@@QAE@UQLatin1Char@@@Z
??1QString@@QAE@XZ
?shared_null@QByteArray@@0UData@1@A
?resize@QByteArray@@QAEXH@Z
?detach@QByteArray@@QAEXXZ
??1QByteArray@@QAE@XZ
?qFree@@YAXPAX@Z
?shared_null@QListData@@2UData@1@A
??0QByteArray@@QAE@PBD@Z
??0QTextCodec@@IAE@XZ
?append2@QListData@@QAEPAPAXABU1@@Z
??1QTextCodec@@MAE@XZ

msvcr90

memcpy
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
??2@YAPAXI@Z
strchr
_CxxThrowException
??3@YAXPAX@Z
__CxxFrameHandler3
__clean_type_info_names_internal

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

qt_plugin_instance
qt_plugin_query_verification_data

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c3cf501b96acd14d4b4d65971bb8fce7

Headers

File Characteristics

Imports

qtcore4

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 140KB - Virtual size: 139KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text Size: 99KB - Virtual size: 100KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 140KB - Virtual size: 139KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 99KB - Virtual size: 100KB