NEAS[.]89004f5a747d7077698f74498ca945a0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.89004f5a747d7077698f74498ca945a0.exe
Size

879KB
MD5

89004f5a747d7077698f74498ca945a0
SHA1

e3c44b4e2ee5f2f02532a0b4a093fadd77a6c70c
SHA256

a957f957f578cdcab9fde40a1f76cc728d5f3237d0d901c3af1b7edf32f7ec34
SHA512

192cbb68380c138ca1484807a02a82006b69cdb58d2813724ad4cccf3ed33579091b680c2cfeec3b29df30d8e49a776ae1c87416be363bfd94c4158ef68ff406
SSDEEP

24576:+UiChLA7Di6s9ysl2HJM6EhREL6a9E5aoz:gDifUP0Rx5aoz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.89004f5a747d7077698f74498ca945a0.exe

Files

NEAS.89004f5a747d7077698f74498ca945a0.exe
.exe windows:5 windows x86

9e06e1fc913f60f98aa3cb51e3106814

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
FindResourceExW
WideCharToMultiByte
CreateFileA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStartupInfoA
GetFileType
SetHandleCount
RtlUnwind
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetCurrentProcessId
WriteFile
ExitProcess
Sleep
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
VirtualQuery
GetSystemInfo
VirtualProtect
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
lstrlenA
lstrcpynA
LockResource
WaitForSingleObject
ResetEvent
CreateThread
SetEvent
CloseHandle
CreateEventW
GetCurrentThread
LoadLibraryExA
OutputDebugStringA
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
ReadFile
ResumeThread
SetThreadContext
GetThreadContext
SuspendThread
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
GetLastError
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
WriteProfileStringW
SetStdHandle
GetTickCount
OutputDebugStringW
IsBadStringPtrW
FreeLibrary
LoadLibraryW
lstrcpynW
SetLastError
lstrcatW
GlobalAlloc
MulDiv
GlobalUnlock
GlobalLock
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
GetVersionExW
lstrcpyW
lstrlenW
lstrcmpW
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
RaiseException

user32

MessageBeep
IsWindowEnabled
UnhookWindowsHookEx
SetWindowsHookExW
CheckMenuRadioItem
GetMenuItemID
EnableMenuItem
AppendMenuW
DeleteMenu
GetDlgCtrlID
SystemParametersInfoW
LoadStringA
PostQuitMessage
CreatePopupMenu
UpdateWindow
GetWindowThreadProcessId
GetActiveWindow
IsMenu
DestroyMenu
TranslateAcceleratorW
SetClassLongW
MsgWaitForMultipleObjects
DrawEdge
GetMessageW
TranslateMessage
DispatchMessageW
GetClassNameW
CreateAcceleratorTableW
ScreenToClient
SetCapture
ReleaseCapture
FillRect
GetSysColorBrush
FrameRect
GetMessagePos
WindowFromPoint
GetMonitorInfoW
AdjustWindowRectEx
TrackPopupMenuEx
ModifyMenuW
CallNextHookEx
DrawFrameControl
MonitorFromPoint
RemoveMenu
InvalidateRgn
GetDC
GetDesktopWindow
DestroyAcceleratorTable
GetWindowTextA
ClientToScreen
SetFocus
PostThreadMessageW
GetWindowPlacement
GetIconInfo
SetMenu
GetKeyState
GetFocus
IsChild
MessageBoxW
PeekMessageW
EndPaint
DrawTextW
DrawIconEx
BeginPaint
MapWindowPoints
GetClassLongW
CharNextW
LoadStringW
LoadMenuW
LoadAcceleratorsW
OffsetRect
InflateRect
SetRectEmpty
RegisterWindowMessageW
PostMessageW
ReleaseDC
GetWindowDC
SetCursor
SetWindowTextW
GetDlgItem
SetMenuItemInfoW
GetMenuItemInfoW
SetMenuDefaultItem
GetMenu
GetSubMenu
GetMenuItemCount
RegisterClassExW
LoadImageW
wvsprintfW
LoadCursorW
GetClassInfoExW
DestroyIcon
MoveWindow
GetWindowTextW
GetWindowTextLengthW
LoadIconW
GetWindow
InvalidateRect
PtInRect
GetParent
CreateWindowExW
SetPropW
IsWindowVisible
GetPropW
ShowWindow
SetWindowPos
IsWindow
GetSystemMetrics
SetWindowLongW
CallWindowProcW
DefWindowProcW
GetWindowRect
RedrawWindow
GetClientRect
DestroyWindow
GetWindowLongW
GetSysColor
LoadBitmapW
EqualRect
SendMessageW
CharLowerW
UnregisterClassA

gdi32

PatBlt
CreatePatternBrush
CreateBitmap
SetBkColor
SetBrushOrgEx
CreatePen
Polygon
SetTextColor
SetViewportOrgEx
OffsetWindowOrgEx
SetWindowOrgEx
CreateFontIndirectW
GetTextExtentPoint32W
CreateSolidBrush
BitBlt
GetObjectW
GetDeviceCaps
SetStretchBltMode
CreateCompatibleBitmap
DeleteObject
CreateCompatibleDC
SelectObject
DeleteDC
GetStockObject
CreateDIBSection
SetBkMode
StretchBlt

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteW

ole32

CoUninitialize
OleInitialize
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
OleUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CLSIDFromString
CoTaskMemFree

oleaut32

DispCallFunc
SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VarUI4FromStr
SysStringLen
VariantClear
VariantInit
SysAllocString
SysFreeString

comctl32

ImageList_Destroy
ImageList_AddMasked
ImageList_Create
ImageList_GetImageCount
ImageList_Draw
ImageList_DrawIndirect
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_LoadImageW
InitCommonControlsEx

msimg32

TransparentBlt

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 642KB - Virtual size: 641KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e06e1fc913f60f98aa3cb51e3106814

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 13KB - Virtual size: 22KB

.rsrc Size: 642KB - Virtual size: 641KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 13KB - Virtual size: 22KB

.rsrc
Size: 642KB - Virtual size: 641KB