NEAS[.]80ada689d5b07439be60555db3211650[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.80ada689d5b07439be60555db3211650.exe
Size

128KB
MD5

80ada689d5b07439be60555db3211650
SHA1

bd692308fe1fecd0c650f6ae9be1b7f77c8a424e
SHA256

3cc175f985e0ee9d74dc1733683e4ea5bc54d1b254efd4085bfdcb1d40c7770e
SHA512

2910002bb9c1b847c7a8300dbe8d055f49c8c0b1bb20e0e60221271582aa0613c5557f7695d72544ced90dd9c505bfca8b952a6c8cef53c8adf520637249927f
SSDEEP

1536:Yh+cssCTDL/8M/V1gj89xRjNggp6YfMpA6EZ6rrSdhCK8:+CTH0Md62HJqINZUyhCK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.80ada689d5b07439be60555db3211650.exe

Files

NEAS.80ada689d5b07439be60555db3211650.exe
.exe windows:4 windows x86

81ed84fbaa11575ca83daa1e79e8c62b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadPriority
CreateEventA
SetEvent
GetExitCodeThread
ResumeThread
FindClose
FindFirstFileA
ResetEvent
GetSystemTime
SuspendThread
WaitForMultipleObjects
GetTickCount
ExitThread
lstrcmpA
CreateProcessA
WaitForSingleObject
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
TerminateThread
CreateThread
CloseHandle
GetVersionExA
CreateFileA
GetModuleHandleA
DeviceIoControl
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetLastError
WriteFile
RtlUnwind
GetFileType
FlushFileBuffers
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree

advapi32

RegEnumValueA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegNotifyChangeKeyValue
RegQueryValueA
RegSetValueA
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey
GetCurrentHwProfileA

user32

EnumDisplaySettingsA
FindWindowA
MessageBeep
keybd_event
GetSystemMetrics
WaitForInputIdle
DestroyWindow
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
SetTimer
DefWindowProcA
PostQuitMessage
IsWindow
KillTimer
EnumThreadWindows
PostMessageA
GetActiveWindow
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
GetWindowThreadProcessId

shell32

ShellExecuteA

winmm

mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerOpen
mixerClose
mixerSetControlDetails

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

81ed84fbaa11575ca83daa1e79e8c62b

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

winmm

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 60KB - Virtual size: 59KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 60KB - Virtual size: 59KB