NEAS[.]b28330b12d6c2a26880d8a3bbe14a120[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b28330b12d6c2a26880d8a3bbe14a120.exe
Size

804KB
MD5

b28330b12d6c2a26880d8a3bbe14a120
SHA1

1458a78d22c333c989f700a7e1d0c311f77208e4
SHA256

30844f9ee620fa31391c054fd450e2a6b0f8d1c3b034d5a3e559ae646b2a4f0d
SHA512

32d7d9c22f741dd0e4d9211bfcab2ee5dbf99df5a8e0c9cbcddf99789a85694fa094d91582b46f59c3b6c0c04def3bcd0f51e049da9d52daba7417f6c9009816
SSDEEP

6144:4LG1m23bsw4a/Som6Q/2PB7IJIv/3sQkWM/azo3E2TMO6U4Y3iK5aki+:TLv/Som6Q/2h4Iv/3sxD3E2QZ1Y3P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b28330b12d6c2a26880d8a3bbe14a120.exe

Files

NEAS.b28330b12d6c2a26880d8a3bbe14a120.exe
.dll windows:4 windows x86

d86e4ad2939970b0d6c5acd2d4e21709

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

sndPlaySoundA

kernel32

RtlUnwind
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
CreateThread
ExitThread
HeapSize
HeapReAlloc
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
LockResource
LoadResource
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
GetProcAddress
WriteFile
GetCurrentProcess
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GetLastError
SetLastError
GlobalFlags
MulDiv
lstrcpynA
SetErrorMode
TlsGetValue
LocalReAlloc
GetModuleHandleA
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
Sleep
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetEnvironmentStringsW
lstrcpyA

user32

SendDlgItemMessageA
UpdateWindow
PostMessageA
LoadIconA
IsDialogMessageA
SetWindowTextA
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
PostQuitMessage
SetCursor
GetCursorPos
ValidateRect
GetMessageA
UnregisterClassA
GetClassNameA
PtInRect
ClientToScreen
ReleaseDC
GetDC
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
DestroyMenu
LoadStringA
SetFocus
AdjustWindowRectEx
GetClientRect
MapWindowPoints
IsWindowVisible
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
SendMessageA
GetSysColor
CopyRect
GetFocus
PeekMessageA
TranslateMessage
DispatchMessageA
SetWindowPos
SetForegroundWindow
EnableWindow
KillTimer
GetKeyState
GetClassLongA

gdi32

SetTextColor
SetBkColor
GetObjectA
CreateBitmap
DeleteObject
SelectObject
GetDeviceCaps
GetStockObject
DeleteDC
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetClipBox

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

Exports

Exports

SHOW
SHOW2

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.initdat
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 700KB - Virtual size: 698KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d86e4ad2939970b0d6c5acd2d4e21709

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 14KB

.initdat Size: 4KB - Virtual size: 4B

.rsrc Size: 700KB - Virtual size: 698KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 14KB

.initdat
Size: 4KB - Virtual size: 4B

.rsrc
Size: 700KB - Virtual size: 698KB

.reloc
Size: 16KB - Virtual size: 12KB