NEAS[.]8f416b932ffaa66bb4a3f4d1eb9cb9e0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.8f416b932ffaa66bb4a3f4d1eb9cb9e0.exe
Size

3.2MB
MD5

8f416b932ffaa66bb4a3f4d1eb9cb9e0
SHA1

f82c380503f9a4550540d15538bb7a6335ee9785
SHA256

bc1a1e026f202197d17d824307aeec00da0f223b48d93aa3fbc944f9514d0c5e
SHA512

c4d31657457287f686294147586bbe042fb303780cb0fdb14987303f9968194ffc424c71115949fead333dae648151a35049f974921d69c67140879c5a2a3cb4
SSDEEP

49152:kSfzhp0te3JwjDX6N68+eNH95LoQQJqboxHp8EzvjVT+6uud1T7uZPYa:kSbhp0t2OToZN3oQQJigpx+fuLuZP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8f416b932ffaa66bb4a3f4d1eb9cb9e0.exe

Files

NEAS.8f416b932ffaa66bb4a3f4d1eb9cb9e0.exe
.dll regsvr32 windows:6 windows x86

79d4d5417336f3c369ca36cba8242f54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
lstrcmpiW
lstrlenW
FindResourceW
FreeLibrary
CloseHandle
WaitForSingleObject
CreateThread
SetThreadPriority
GetThreadPriority
ResumeThread
DisableThreadLibraryCalls
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
RemoveVectoredExceptionHandler
Sleep
InterlockedExchange
AddVectoredExceptionHandler
GetLastError
MultiByteToWideChar
RaiseException
LoadLibraryA
LocalAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
EncodePointer
HeapFree
HeapAlloc
WerRegisterMemoryBlock
VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapSetInformation
GetProcessHeap
QueryPerformanceCounter
InterlockedCompareExchange
LockResource
InitializeCriticalSection
ExpandEnvironmentStringsW
LCMapStringW
WideCharToMultiByte
GetTickCount
CreateEventW
SetEvent
FormatMessageW

advapi32

RegQueryValueExW
RegisterEventSourceW
ReportEventW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
DeregisterEventSource

ole32

CoTaskMemFree
CoCreateGuid
StringFromCLSID
CoUninitialize
CoCreateInstance
CoCreateFreeThreadedMarshaler
CLSIDFromString
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoInitialize

oleaut32

UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysStringLen
SysAllocString
SysFreeString
CreateErrorInfo
SetErrorInfo

msvcr100

_CIsin
_CIatan2
_nextafter
_CIacos
_CIexp
_CIatan
wcschr
vswprintf_s
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_CIcos
_time64
__RTDynamicCast
qsort_s
_itow_s
_vsnwprintf
wcsncmp
realloc
memcpy
memmove
memset
_CxxThrowException
wcsstr
wcsncpy_s
wcscpy_s
wcscat_s
memcpy_s
_resetstkoflw
_recalloc
malloc
free
calloc
_CIlog
__CxxFrameHandler3
_CItanh

faultrep

ReportFault

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 838KB - Virtual size: 837KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 665KB - Virtual size: 668KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79d4d5417336f3c369ca36cba8242f54

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

msvcr100

faultrep

Exports

Exports

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.data Size: 59KB - Virtual size: 69KB

.rsrc Size: 838KB - Virtual size: 837KB

.reloc Size: 665KB - Virtual size: 668KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 59KB - Virtual size: 69KB

.rsrc
Size: 838KB - Virtual size: 837KB

.reloc
Size: 665KB - Virtual size: 668KB