Static task: static1

Behavioral task: behavioral1
Sample: NEAS.a270f2ca978ca071eb47a19ca1c09d90.exe
Resource: win7-20230831-en

Behavioral task: behavioral2
Sample: NEAS.a270f2ca978ca071eb47a19ca1c09d90.exe
Resource: win10v2004-20230915-en

General
Target: NEAS.a270f2ca978ca071eb47a19ca1c09d90.exe
Size: 3.6MB
MD5: a270f2ca978ca071eb47a19ca1c09d90
SHA1: 9ae18ab3a48a867cff3d6c1bd040362303c4377a
SHA256: c34f3e2804630d0adb194ad58e4c535e27a155ba2260afce4b43961cf856d608
SHA512: 823bdeae15982367fdceb30498efc903ba6617f35fb289eb6a01d006f8f6726d85291ca07b5a4647d2986d838bb71018414615719f05803e771a0480c9b3805c
SSDEEP: 24576:Kaj/eggQM2LTeizwE4j5WvT38KgNWpDt+u+AIaOafT8y+AIaOafT8:f/7QViGdgTPY2Dt+u+2T8y+2T8

Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.a270f2ca978ca071eb47a19ca1c09d90.exe
Files
NEAS.a270f2ca978ca071eb47a19ca1c09d90.exe.exe windows:4 windows x86
5c500af456d1097bea28807249160596
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
SetStdHandle
HeapSize
HeapReAlloc
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetCommandLineA
GetStartupInfoA
RaiseException
TerminateProcess
GetProfileStringA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
LocalSize
OpenProcess
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
VirtualQuery
VirtualProtect
GetSystemInfo
ResetEvent
GetCurrentProcessId
HeapAlloc
HeapFree
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GetFileTime
GetFileAttributesA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
lstrcmpA
GetCurrentThread
MulDiv
InterlockedIncrement
SetThreadPriority
ResumeThread
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
lstrcmpiA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindClose
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
DeleteCriticalSection
FormatMessageA
LocalAlloc
SetLastError
FreeLibrary
SetEndOfFile
CreateEventA
GetExitCodeThread
SetEvent
SetFilePointer
WritePrivateProfileStringA
GetPrivateProfileIntA
CreateDirectoryA
LocalFree
InterlockedDecrement
GetPrivateProfileSectionA
lstrlenA
MultiByteToWideChar
GetLastError
lstrcpyA
GetPrivateProfileStringA
lstrcpynA
DeviceIoControl
SetUnhandledExceptionFilter
GetModuleFileNameA
ExitProcess
FindResourceA
SizeofResource
LoadResource
LockResource
GlobalFree
GetTickCount
GetTempPathA
GlobalAlloc
GlobalLock
GlobalUnlock
TerminateThread
CopyFileA
WriteFile
MoveFileA
DeleteFileA
ReadFile
EnterCriticalSection
LeaveCriticalSection
Sleep
InitializeCriticalSection
CreateFileA
GetFileSize
CloseHandle
GetPrivateProfileSectionNamesA
WaitForSingleObject
OpenMutexA
LoadLibraryA
CreateMutexA
GetProcAddress
CreateProcessA
GetCurrentDirectoryA
FindFirstFileA
FindNextFileA
CreateThread
user32
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetDlgItemTextA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
GetScrollInfo
SetScrollInfo
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
MoveWindow
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
ReleaseCapture
WaitMessage
GetWindowThreadProcessId
EndPaint
LoadIconA
SendMessageA
LoadImageA
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
CharUpperA
GetDesktopWindow
ShowWindow
wvsprintfA
ValidateRect
GetMessageA
ClientToScreen
GetWindowDC
WinHelpA
BeginPaint
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
PeekMessageA
EnableWindow
wsprintfA
GetSubMenu
LoadMenuA
ScreenToClient
GetCursorPos
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetWindowRect
MessageBoxA
OffsetRect
GetWindow
GetClientRect
AppendMenuA
GetSystemMenu
DrawIcon
GetSystemMetrics
IsIconic
IsWindowVisible
RegisterWindowMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
LookupIconIdFromDirectoryEx
CopyIcon
CreateIconIndirect
CreateIconFromResourceEx
GetDoubleClickTime
DrawFocusRect
GetMenuDefaultItem
TabbedTextOutA
DrawTextA
GrayStringA
DestroyMenu
PostQuitMessage
SetCursor
SetRectEmpty
PtInRect
SetWindowContextHelpId
MapDialogRect
LoadStringA
GetClassNameA
GetMenuStringA
LoadCursorA
GetSysColorBrush
DestroyIcon
PostThreadMessageA
IsRectEmpty
SetParent
RegisterClipboardFormatA
LockWindowUpdate
GetDCEx
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
SetRect
GetMenuItemInfoA
SetMenuDefaultItem
SetClassLongA
DrawStateA
TrackPopupMenuEx
DrawMenuBar
DrawFrameControl
RegisterClassW
DefMDIChildProcW
DefMDIChildProcA
DefDlgProcW
DefDlgProcA
DefFrameProcW
DefFrameProcA
DefWindowProcW
CallWindowProcW
EnableScrollBar
EnumWindows
IsWindowUnicode
GetWindowLongW
SetWindowLongW
SendMessageTimeoutA
DrawEdge
InvalidateRect
FillRect
SetTimer
KillTimer
DrawIconEx
GetSysColor
InflateRect
SetWindowRgn
ReleaseDC
GetDC
WindowFromPoint
RedrawWindow
IsWindow
GetIconInfo
DispatchMessageA
TranslateMessage
SetCapture
gdi32
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
GetClipRgn
ExtSelectClipRgn
GetObjectType
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
StretchDIBits
GetCharWidthA
CreateFontA
GetMapMode
SetRectRgn
CreateFontIndirectA
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
GetTextColor
GetBkColor
LPtoDP
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
DeleteDC
CreateBitmap
CreateRectRgnIndirect
PatBlt
GetObjectA
SetBkColor
GetClipBox
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
GetTextCharsetInfo
GetPixel
OffsetRgn
CreateDIBSection
StretchBlt
SetBrushOrgEx
Polygon
CreatePalette
CreateDIBitmap
GetDIBits
GetTextExtentPointA
CombineRgn
FillRgn
FrameRgn
DeleteObject
GetStockObject
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreatePen
SetTextColor
CreateSolidBrush
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA
comctl32
ImageList_Create
ord17
ImageList_ReplaceIcon
FlatSB_GetScrollProp
ImageList_GetIcon
_TrackMouseEvent
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageCount
ImageList_Destroy
ImageList_Add
oledlg
ord8
ole32
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleFlushClipboard
CoTaskMemFree
OleIsCurrentClipboard
CoGetClassObject
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoInitialize
CoRevokeClassObject
olepro32
ord253
oleaut32
VariantChangeType
OleLoadPicturePath
GetErrorInfo
SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
VariantCopy
SysAllocString
SysFreeString
VariantClear
VariantInit
urlmon
URLDownloadToFileA
wininet
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetGetLastResponseInfoA
ws2_32
htons
send
inet_ntoa
recv
inet_addr
WSAStartup
gethostbyname
getpeername
shutdown
WSAGetLastError
connect
closesocket
socket
bind
listen
accept
setsockopt
gethostname
iphlpapi
GetAdaptersInfo
GetTcpTable
SetTcpEntry
pdh
PdhAddCounterA
PdhOpenQueryA
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhCloseQuery
winmm
PlaySoundA
waveOutGetNumDevs
imagehlp
ImageDirectoryEntryToData
Sections
.text Size: 612KB - Virtual size: 609KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 108KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ