NEAS[.]87e3bef2377c5ddd372178d195a2d420[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.87e3bef2377c5ddd372178d195a2d420.exe
Size

1.9MB
MD5

87e3bef2377c5ddd372178d195a2d420
SHA1

f6ee0d5920a210234fcd133008dce8ac1ac1fea9
SHA256

f8552748dd463c822bed02eee8b63bb34177b3922e85185924abb2e59d44f572
SHA512

fbb2c1f9b9d665e1b84af55e581424cd2ad03c97f484daa9501746d242e63b4df3284f63277c2cb97b32c782411f5ce8bf2f7cc79732b208d499ba93054d9706
SSDEEP

24576:238JtMJ55ilDegi2XEUhNPNtr1IoR0oMd6yYhf+N1J2pb4GEQLrzqaW6NemxRtpB:pe5MdlXW7d6yYhWN14BJAmtH7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.87e3bef2377c5ddd372178d195a2d420.exe

Files

NEAS.87e3bef2377c5ddd372178d195a2d420.exe
.exe windows:4 windows x86

f5454d91f7f4efc2f344638f3af19f00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

odbc32

ord19
ord72
ord12
ord11
ord18
ord4
ord8
ord13
ord1
ord7
ord3
ord57
ord10
ord16
ord9
ord14
ord15
ord2

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_Add

kernel32

GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
GlobalHandle
GetFileSize
GetPrivateProfileStringA
GetVersionExA
CopyFileA
FindFirstFileA
FreeLibrary
SystemTimeToFileTime
Sleep
WritePrivateProfileStringA
MulDiv
GetSystemInfo
GlobalMemoryStatus
GetLocaleInfoA
GetProfileStringA
WaitForSingleObject
CreateProcessW
DeleteFileA
GetFileAttributesA
SetLastError
LocalFree
WideCharToMultiByte
SetFileAttributesA
GetWindowsDirectoryA
GetSystemDirectoryA
lstrcpyA
OpenFile
lstrlenA
LocalAlloc
RemoveDirectoryA
FindClose
MoveFileA
DeviceIoControl
GetVersion
OpenProcess
TerminateProcess
SetFilePointer
LocalReAlloc
GetCurrentProcessId
SetEvent
GetModuleFileNameA
GetLocaleInfoW
InterlockedExchange
GetCurrentThreadId
QueryPerformanceCounter
SetStdHandle
IsBadCodePtr
IsBadReadPtr
HeapSize
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
VirtualQuery
VirtualProtect
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetOEMCP
GetACP
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCPInfo
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
HeapReAlloc
GetCommandLineA
GetStartupInfoA
GetLocalTime
HeapAlloc
GetCurrentProcess
ExitProcess
GetFullPathNameA
GetCurrentDirectoryA
GetDriveTypeA
CloseHandle
RaiseException
RtlUnwind
HeapFree
CreateFileA
GetLastError
FormatMessageA
GetPrivateProfileIntA
GetDiskFreeSpaceA
WriteFile
ReadFile
GetSystemTime
GetTickCount
GetDateFormatA
CreateDirectoryA
LoadLibraryA
GetProcAddress
GetModuleHandleA
SetEndOfFile
CreateEventA

user32

SetForegroundWindow
SendMessageCallbackA
GetWindowThreadProcessId
EnumWindows
GetKeyboardType
SetRect
FillRect
PeekMessageA
IntersectRect
DrawTextA
DestroyIcon
LoadStringA
SendMessageA
MessageBoxA
GetSystemMetrics
GetClientRect
LoadBitmapA
FindWindowA
GetDC
ReleaseDC
SendDlgItemMessageA
GetDesktopWindow
SetWindowPos
SetWindowPlacement
GetWindowPlacement
wsprintfA
EmptyClipboard
SetCapture
ReleaseCapture
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
RedrawWindow
IsWindowEnabled
SetDlgItemInt
LoadImageA
MapWindowPoints
GetCursorPos
DestroyMenu
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetMessageA
TranslateAcceleratorA
IsDialogMessageA
TranslateMessage
DispatchMessageA
RegisterClipboardFormatA
LoadIconA
RegisterClassExA
DefWindowProcA
InflateRect
PostQuitMessage
DestroyWindow
CreateWindowExA
CreateDialogParamA
PostMessageA
IsWindow
GetWindowRect
MoveWindow
ShowCursor
MessageBeep
DialogBoxParamA
IsDlgButtonChecked
GetWindowTextA
CheckRadioButton
EnableWindow
EndDialog
GetParent
LoadCursorA
SetCursor
UpdateWindow
SetFocus
GetFocus
GetNextDlgTabItem
ShowWindow
GetDlgItem
IsWindowVisible
SetWindowTextA
LoadMenuA
GetSubMenu
EnableMenuItem
TrackPopupMenu
LoadAcceleratorsA

gdi32

AbortDoc
StartDocA
SetBkMode
EndDoc
CreateBrushIndirect
SetBkColor
EndPage
StartPage
CreateDCA
DeleteDC
CreateFontIndirectA
DeleteObject
GetStockObject
GetTextMetricsA
SelectObject
CreateFontA
GetDeviceCaps
SetAbortProc
CreateRectRgn

comdlg32

GetSaveFileNameA
GetOpenFileNameA
PrintDlgA

advapi32

RegCloseKey
DeleteService
OpenServiceA
StartServiceA
ControlService
QueryServiceStatus
CreateServiceA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyA
OpenSCManagerA
CloseServiceHandle
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA

shell32

SHFileOperationA

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT_HA
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5454d91f7f4efc2f344638f3af19f00

Headers

File Characteristics

Imports

odbc32

version

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 1.5MB - Virtual size: 2.5MB

_TEXT_HA Size: 68KB - Virtual size: 66KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 1.5MB - Virtual size: 2.5MB

_TEXT_HA
Size: 68KB - Virtual size: 66KB

.rsrc
Size: 64KB - Virtual size: 60KB