NEAS[.]a568124672f9d878d40486c859811b60[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a568124672f9d878d40486c859811b60.exe
Size

76KB
MD5

a568124672f9d878d40486c859811b60
SHA1

f262f7cfa1127bfe96ebac6365105cc2ee38d120
SHA256

b7e737e450c2edff68e89dbb16e9e2e2b55ae62229eca91bb218bfc264934422
SHA512

77a091016d0a7b56f114a66a3e3d7433a1d2ebee86a28ce4f1354cca17ddfcbc47fa49e5be80ad938c039b39357254265fb5451c3e1bde81c573772b26a4fefb
SSDEEP

1536:gyKcg6zAoy+C/5MV3O0UpkygAw3suxBBTlSom7:gUXcozCc3OVqy1wHbTlSom7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a568124672f9d878d40486c859811b60.exe

Files

NEAS.a568124672f9d878d40486c859811b60.exe
.exe windows:4 windows x86

21c0347af22350bc1b07395fdf772043

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageA
DestroyPropertySheetPage

kernel32

GetProcAddress
InitializeCriticalSection
IsDBCSLeadByte
LoadLibraryA
lstrcatA
CloseHandle
WaitForSingleObject
lstrcpyA
LoadLibraryExA
lstrcpynA
CreateFileA
CopyFileA
GetSystemDirectoryA
CreateProcessA
GetModuleHandleA
GetShortPathNameA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetSystemDefaultLCID
CreateEventA
GetLocaleInfoA
CreateThread
IsBadWritePtr
FlushFileBuffers
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
LocalFree
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA
MultiByteToWideChar
lstrlenW
GetCommandLineA
RaiseException
HeapReAlloc
GetCurrentThreadId
lstrcmpiA
CreateMutexA
GetLastError
Sleep
lstrlenA
InterlockedDecrement
HeapAlloc
HeapFree
RtlUnwind

user32

EnableWindow
DefWindowProcA
ChangeDisplaySettingsA
GetDlgCtrlID
EndDialog
GetDlgItem
SetWindowTextA
WinHelpA
LoadStringA
GetWindowRect
EnableMenuItem
GetSystemMenu
EnumChildWindows
DialogBoxParamA
GetParent
SetWindowLongA
CallWindowProcA
wsprintfA
CreateWindowExA
SendMessageA
PostQuitMessage
PostMessageA
PeekMessageA
DispatchMessageA
GetMessageA
RegisterClassA
CharNextA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteKeyA
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA

shell32

ShellExecuteExA

ole32

CoUninitialize
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoInitialize

oleaut32

SysFreeString
VariantClear
LoadTypeLi
SysStringLen
VarUI4FromStr
SysAllocString
RegisterTypeLi

hccutils

FindResources
IsDisplayValid
IsDisplayDeviceActive
LoadSTRING
LoadDialogString
EnumDeviceByClass

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21c0347af22350bc1b07395fdf772043

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

shell32

ole32

oleaut32

hccutils

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 2KB