NEAS[.]c347d04c620651e9fb1e0224d7799180[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c347d04c620651e9fb1e0224d7799180.exe
Size

1.6MB
MD5

c347d04c620651e9fb1e0224d7799180
SHA1

c792f8feaf3d1ce161178a4dc538c70eabbdb706
SHA256

a547b4c9878c135737950f6504c53e7723b751c9429ea1e3bbb7231ed55a64d0
SHA512

59b1681691ec469f7afdf0849e5d615a67f23dd91fb2443684f5edeb9975ac265785911d58bf62deddd23b1f71c2a8330a7d5f0e0741678f28c3f7fb3f6b499f
SSDEEP

24576:tLDWSd8rCw09rBvL50Wb46OA9NAm/AEI9obQJ6/DA50xUrpUcA/0BN5Bz:pDzd82/974UXbQCEJoq5Bz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c347d04c620651e9fb1e0224d7799180.exe

Files

NEAS.c347d04c620651e9fb1e0224d7799180.exe
.exe windows:4 windows x86

225099683f980d0da6ebfb434fbb1f5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ft_et99_api

et_Verify
et_OpenToken
et_FindToken
et_Read
et_Write
et_CloseToken

kernel32

SetStdHandle
GetFileType
GetVersionExA
GetVersion
lstrlenA
lstrlenW
GetCPInfo
LockResource
LoadResource
FindResourceA
lstrcmpiA
DeleteFileA
CopyFileA
MultiByteToWideChar
GetTickCount
Sleep
GetCurrentProcessId
InterlockedDecrement
GetProcAddress
LoadLibraryA
CreateThread
CloseHandle
WaitForSingleObject
GetExitCodeThread
SetEvent
OpenProcess
GetLastError
UnmapViewOfFile
FreeLibrary
CreateEventA
OpenEventA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
MulDiv
GetPrivateProfileStringA
WritePrivateProfileStringA
GetComputerNameA
GetVolumeInformationA
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
LocalAlloc
FormatMessageA
WriteFile
GetSystemTimeAsFileTime
FindResourceExA
GetProfileStringA
InterlockedExchange
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapSize
GetACP
GetStartupInfoA
CreateFileA
SetFilePointer
ReadFile
EnumResourceNamesA
LoadLibraryExA
SizeofResource
DeviceIoControl
SetPriorityClass
GetCurrentProcess
CreateProcessA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
Module32First
CreateToolhelp32Snapshot
ReadProcessMemory
GetCommandLineA
FindFirstFileA
ExitProcess
FindClose
TerminateProcess
InterlockedIncrement
WideCharToMultiByte
SetLastError
LocalFree
lstrcpynA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
ResumeThread
SetThreadPriority
lstrcmpA
GetCurrentThread
FileTimeToSystemTime
FileTimeToLocalFileTime
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameA
GetThreadLocale
GetFileAttributesA
GetFileSize
GetFileTime
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetOEMCP
GetCurrentDirectoryA
GlobalSize
SetErrorMode
HeapAlloc
HeapFree
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
HeapReAlloc

user32

LoadAcceleratorsA
CharUpperA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
EndDialog
CreateDialogIndirectParamA
IsWindowEnabled
IsDialogMessageA
IsDlgButtonChecked
IsRectEmpty
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
GetMessageA
GetActiveWindow
ValidateRect
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
SetFocus
AdjustWindowRectEx
EqualRect
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
DrawEdge
FillRect
CopyRect
GetSysColor
DestroyIcon
DrawIconEx
ReleaseDC
DrawTextA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
SetParent
IsZoomed
DrawFocusRect
LoadStringA
CharNextA
CopyAcceleratorTableA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindowPlacement
IntersectRect
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
ClientToScreen
ScreenToClient
GetNextDlgGroupItem
PeekMessageA
DispatchMessageA
GetDC
GetDCEx
SystemParametersInfoA
GetSystemMetrics
AppendMenuA
GetMenuItemCount
ModifyMenuA
GetMenuState
GetMenuItemID
CreatePopupMenu
CreateMenu
GetMenuStringA
GetSysColorBrush
LoadBitmapA
DeleteMenu
GetSubMenu
SendMessageA
EnableWindow
LoadImageA
GetClientRect
IsWindow
GetCursorPos
EnableMenuItem
SetWindowTextA
mouse_event
SetCursorPos
GetWindowRect
GetClassNameA
EnumChildWindows
GetWindowThreadProcessId
GetWindowTextA
GetParent
GetWindow
GetForegroundWindow
IsWindowVisible
LockWindowUpdate
RegisterClipboardFormatA
PostThreadMessageA
WindowFromPoint
GetTopWindow
GetWindowDC
IsIconic
ReleaseCapture
PtInRect
FindWindowExA
SetCapture
LoadCursorA
DrawStateA
LoadMenuA
InflateRect
OffsetRect
DestroyMenu
SetRectEmpty
SetCursor
UpdateWindow
DrawIcon
KillTimer
PostQuitMessage
SetWindowLongA
CreateIconFromResourceEx
wsprintfA
GetDlgCtrlID
LoadIconA
GetSystemMenu
GetFocus
SetTimer
InvalidateRect
BeginDeferWindowPos
MoveWindow
RedrawWindow
DeferWindowPos
EndDeferWindowPos
IsChild
FindWindowA
ShowWindow
SendMessageTimeoutA
UnregisterClassA
SetRect
DrawMenuBar
TranslateMDISysAccel
DefFrameProcA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
DrawFrameControl
FrameRect
GetCursor
GetAsyncKeyState
GetKeyboardState
MapVirtualKeyA
GetKeyboardLayout
ToAsciiEx
UnionRect
WaitMessage
IsMenu
SetWindowRgn
MessageBeep
TranslateMessage
InvertRect
GetIconInfo
GetWindowRgn
DestroyCursor
CreateIconIndirect
RegisterWindowMessageA
GetWindowLongA
keybd_event
MessageBoxA
PostMessageA
SetWindowPos
SetForegroundWindow
GetDesktopWindow
GetMenuItemInfoA

gdi32

CreatePalette
CreatePolygonRgn
GetDIBits
RealizePalette
OffsetRgn
CreateRoundRectRgn
StretchBlt
EnumFontFamiliesA
GetTextCharset
SetBrushOrgEx
GetViewportOrgEx
FrameRgn
Polygon
PtInRegion
SetPixelV
CreateEllipticRgn
GetCurrentObject
GetTextExtentPointA
CreateDIBitmap
EnumFontFamiliesExA
GetWindowOrgEx
GetTextFaceA
FillRgn
GetBkColor
GetTextColor
GetTextMetricsA
LPtoDP
CreateFontA
GetCharWidthA
StretchDIBits
DPtoLP
CombineRgn
SetRectRgn
CreateBitmap
GetMapMode
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePatternBrush
ExtCreatePen
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetStretchBltMode
SetBkMode
SetBkColor
SelectPalette
RestoreDC
SaveDC
CreateRectRgnIndirect
SetROP2
GetNearestColor
GetStockObject
Rectangle
PatBlt
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
BitBlt
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
CreateFontIndirectA
GetTextExtentPoint32W
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
CreatePen
GetBkMode
GetDeviceCaps

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegEnumKeyA
RegDeleteKeyA
RegQueryInfoKeyA
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA

shell32

DragQueryFileA
DragFinish
ShellExecuteA
Shell_NotifyIconA

comctl32

ImageList_SetBkColor
ImageList_GetBkColor
ImageList_GetImageInfo
PropertySheetA
ImageList_DrawIndirect
ord17
ImageList_Destroy
ImageList_Draw
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Create

oledlg

ord8

ole32

CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoCreateInstance
OleRun
OleFlushClipboard
OleIsCurrentClipboard
CoInitialize
CreateILockBytesOnHGlobal
CoRevokeClassObject

olepro32

ord253

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantCopy
VariantInit
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen
VariantTimeToSystemTime
SysStringLen
GetErrorInfo

urlmon

URLDownloadToFileA

snmpapi

SnmpUtilOidCpy
SnmpUtilOidNCmp
SnmpUtilVarBindFree

ws2_32

recv
select
__WSAFDIsSet
send
shutdown
closesocket
gethostbyname
inet_addr
htons
connect
WSAStartup
socket
WSACleanup

shlwapi

StrCmpW
PathFileExistsA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetSetStatusCallback
InternetReadFile
InternetWriteFile
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetSetFilePointer

winmm

PlaySoundA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHAREDAT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

225099683f980d0da6ebfb434fbb1f5b

Headers

File Characteristics

Imports

ft_et99_api

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

snmpapi

ws2_32

shlwapi

version

wininet

winmm

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 176KB - Virtual size: 174KB

.data Size: 44KB - Virtual size: 80KB

SHAREDAT Size: 4KB - Virtual size: 4B

.rsrc Size: 244KB - Virtual size: 241KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 176KB - Virtual size: 174KB

.data
Size: 44KB - Virtual size: 80KB

SHAREDAT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 244KB - Virtual size: 241KB