NEAS[.]97564e70fad93a34c23c0869e2800600[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.97564e70fad93a34c23c0869e2800600.exe
Size

794KB
MD5

97564e70fad93a34c23c0869e2800600
SHA1

c73629228ff97b93c98a5bb1d9b948eca803f1b1
SHA256

0b35caf63da00df630913cdb7feb414bd915b98f2a40b2f114a96a2244885942
SHA512

b2a0b37b833fc54885b6c8ac2a3e85ddd86e17dbeb6e135797c33a05a209ce509f3952f725580d77dbd200c876c9511568d8008c5cdfae80d5c89c920fa74ab7
SSDEEP

12288:SQyImLsiRCaiVf3nbrxGAcLEpknzgFcIZHl/oBQuYqw6jcHJE:/+scEocqIZHlZcoE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.97564e70fad93a34c23c0869e2800600.exe

Files

NEAS.97564e70fad93a34c23c0869e2800600.exe
.exe windows:5 windows x86

f15a003f1972fe5f858e9159e2b7b41c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
InitCommonControlsEx
ord6

kernel32

EnterCriticalSection
GetProcessHeap
SetEndOfFile
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
ReadFile
GetModuleHandleA
GetLocaleInfoA
HeapSize
SetStdHandle
CreateFileA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LCMapStringW
WideCharToMultiByte
LCMapStringA
VirtualAlloc
VirtualFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
RaiseException
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
OutputDebugStringA
GetProcAddress
GetStdHandle
MultiByteToWideChar
HeapValidate
WriteFile
GetTickCount
HeapFree
HeapAlloc
HeapCreate
GetFullPathNameA
Sleep
LoadLibraryA
GetModuleHandleW
ExitProcess
RtlUnwind
GetLastError
LeaveCriticalSection
WriteConsoleW
GetFileType
GetModuleFileNameW
HeapReAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
DeleteCriticalSection
CloseHandle
TlsGetValue
TlsAlloc
TlsSetValue

user32

CallWindowProcA
EnableWindow
DispatchMessageA
ShowWindow
CreateWindowExA
SetWindowLongA
TranslateMessage
IsDialogMessageA
SendMessageA
SetFocus
GetForegroundWindow
CreateMenu
EnableMenuItem
SetMenu
SetWindowTextA
DestroyMenu
SetScrollInfo
CheckMenuItem
CreatePopupMenu
AppendMenuA
EndPaint
ClientToScreen
SetCursor
PostQuitMessage
TrackPopupMenu
GetKeyState
CallNextHookEx
BeginPaint
SetWindowsHookExA
DrawMenuBar
UnhookWindowsHookEx
MessageBoxA
GetCursorPos
SystemParametersInfoA
RegisterClassExA
SetForegroundWindow
DefWindowProcA
LoadImageA
LoadCursorA
GetWindowRect
IsZoomed
MoveWindow
SetTimer
FillRect
KillTimer
GetDC
InvalidateRect
ReleaseDC
GetDesktopWindow
DrawTextA
SetRect
SetWindowPos
GetFocus
DestroyWindow
GetMessageA
GetClientRect

gdi32

GetTextExtentPoint32A
BitBlt
PatBlt
CreateFontA
CreateCompatibleBitmap
CreateBrushIndirect
CreatePen
GetStockObject
GetTextColor
TextOutA
SetTextColor
SetBkColor
DeleteDC
SelectObject
CreateCompatibleDC

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

Exports

Exports

Dialog
Error
Mcu
S
Values
_
alert
s2w

Sections

.text
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 419KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 15.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f15a003f1972fe5f858e9159e2b7b41c

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

Exports

Exports

Sections

.text Size: 225KB - Virtual size: 224KB

.rdata Size: 419KB - Virtual size: 418KB

.data Size: 64KB - Virtual size: 15.3MB

.rsrc Size: 10KB - Virtual size: 10KB

.reloc Size: 74KB - Virtual size: 74KB

.text
Size: 225KB - Virtual size: 224KB

.rdata
Size: 419KB - Virtual size: 418KB

.data
Size: 64KB - Virtual size: 15.3MB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 74KB - Virtual size: 74KB