NEAS[.]90c039f9680b8f90985b3ba714dbebb0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.90c039f9680b8f90985b3ba714dbebb0.exe
Size

1.1MB
MD5

90c039f9680b8f90985b3ba714dbebb0
SHA1

93e56a0210de68d55518c783b22fd1618f669693
SHA256

b6cb43af4c3b349e2e8b1d176270a7b85920eb768adb9fb32f1e9310e63ae0f0
SHA512

47fd22764ed871f5854bd1e5db655f40ab80efefeb449944586a88d45eabe25f4bf49f8e1eaff4aad7f39d5464224ef46ac1369d081fe5debf018eb54916d1ac
SSDEEP

24576:q0RoEJqbg1xhCKjZsO/V0+Edmt4EJJzPdM82:joEJEACKjZZ/VJt4EJtdMr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.90c039f9680b8f90985b3ba714dbebb0.exe

Files

NEAS.90c039f9680b8f90985b3ba714dbebb0.exe
.dll windows:4 windows x86

877641cbd3941ae34729126753704edf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
CloseHandle
FlushFileBuffers
RaiseException
RtlUnwind
IsBadReadPtr
HeapAlloc
HeapFree
GetVersionExA
GetCommandLineA
GetVersion
SetUnhandledExceptionFilter
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetStdHandle
GetLastError
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
IsBadCodePtr
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

GetDC
ReleaseDC
GetWindowRect
GetSystemMetrics
GetDesktopWindow
WindowFromDC

gdi32

CreateCompatibleBitmap
GetDeviceCaps
SetBitmapBits
BitBlt
GetBitmapBits
CreateBrushIndirect
SetMapMode
GetDIBits
CreatePalette
GetStockObject
RealizePalette
GetViewportOrgEx
SelectPalette
SetBkColor
SetTextColor
DeleteObject
SelectObject
CreateDIBPatternBrushPt
CreateCompatibleDC
CreatePolyPolygonRgn
RestoreDC
StretchDIBits
SetStretchBltMode
ExtSelectClipRgn
SaveDC
DeleteDC
GetDIBColorTable
GetObjectA
PatBlt
CreateBitmap
CreateSolidBrush
CreatePatternBrush
CreateDIBitmap

Exports

Exports

AGMGetVersion
AGMInitialize
AGMTerminate

Sections

.text
Size: 644KB - Virtual size: 643KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

877641cbd3941ae34729126753704edf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 644KB - Virtual size: 643KB

.rdata Size: 128KB - Virtual size: 124KB

.data Size: 64KB - Virtual size: 217KB

.rsrc Size: 4KB - Virtual size: 976B

.reloc Size: 64KB - Virtual size: 61KB

.text Size: 252KB - Virtual size: 252KB

.text
Size: 644KB - Virtual size: 643KB

.rdata
Size: 128KB - Virtual size: 124KB

.data
Size: 64KB - Virtual size: 217KB

.rsrc
Size: 4KB - Virtual size: 976B

.reloc
Size: 64KB - Virtual size: 61KB

.text
Size: 252KB - Virtual size: 252KB