NEAS[.]8be1e148c3c18665563547d00bca6900[.]exe

General

Target

NEAS.8be1e148c3c18665563547d00bca6900.exe
Size

192KB
MD5

8be1e148c3c18665563547d00bca6900
SHA1

7e1268e99a686454e23896ff962b5f49996ea61f
SHA256

feebde195ec13b0e2a335c3af6dce47eded8934d4f5cd4f1f3e9d2fe6b76ac84
SHA512

be04e11c431e367a68f40701a4f87be1a6288466c06d9d3d008215c770ad92e723fdb23c973e89734fb4dafa4f7bcf9c2fa2a1453cdfc3702333c1bafc04e777
SSDEEP

3072:LYlXmBWrSldJ9UW3Mxvp/u2qWAhU2cc/JaEu89cezh4b8JUG0q:MlQ4K9UWcx5ydUgLJUa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8be1e148c3c18665563547d00bca6900.exe

Files

NEAS.8be1e148c3c18665563547d00bca6900.exe
.exe windows:4 windows x86

7520b6de3438eb5ab6d950d42dedd276

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cblrtss

_mFiD791
CBL_TOUPPER
CBL_ALLOC_MEM
CBL_FREE_MEM
CBL_CANCEL
ord1015
_mFiD7A1
CBL_FILENAME_CONVERT
CBL_SPLIT_FILENAME
CBL_JOIN_FILENAME
CBL_CHECK_FILE_EXIST
_mFiD7B0
ord1701
ord1021
CBL_CMPNLS
ord1461
ord1294
CBL_MBCS_CHAR_LEN
ord1333
_mFgF800
_mFgF802
ord1475
cob_COYIELD
CBL_NLS_GET_MSG
CBL_FN_CURRENT0DATE
ord1574
ord1573
ord1267
ord1579
ord1578
_mFgproglock
_mFgF811
CBL_CREATE_FILE
CBL_DELETE_FILE
CBL_RENAME_FILE
CBL_COPY_FILE
CBL_CLOSE_FILE
CBL_LCKFILE
CBL_UNLFILE
CBL_UNLOCK
CBL_FLUSH_FILE
CBL_SET_SEMAPHORE
CBL_FREE_SEMAPHORE
CBL_TEST_LOCK
CBL_GET_LOCK
CBL_FREE_LOCK
CBL_READ_FILE
CBL_WRITE_FILE
CBL_OPEN_VFILE
CBL_CLOSE_VFILE
CBL_READ_VFILE
CBL_WRITE_VFILE
CBL_FN_UPPER0CASE
CBL_LOCATE_FILE
_mFginitdat_dll
ord969
ord733
ord968
ord2038
ord2006
_mFgmain2
_mFgWinMain2
_mFgF813
ord1250
ord1155
ord1006
_mFgF805
CBL_GET_OS_INFO
CBL_EXIT_PROC
mF_eloc
_mFgprogunlock
_mFgprogchain
_mFgtypecheck
_mFgprogcheckexit
_mFgF801
CBL_CREATE_DIR
EXTFH
_mFfindp
_mFgAE
_mFgCE
CBL_OPEN_FILE
_mFgprogunchain

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

kernel32

GetModuleHandleA
GetCommandLineA
GetStartupInfoA

Exports

Exports

_mFdllinfo

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7520b6de3438eb5ab6d950d42dedd276

Headers

File Characteristics

Imports

cblrtss

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 50KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 50KB