NEAS[.]ad00343fcdc43d6a07247c53c77b0ea0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.ad00343fcdc43d6a07247c53c77b0ea0.exe
Size

200KB
MD5

ad00343fcdc43d6a07247c53c77b0ea0
SHA1

260425b7912745c0a47c3aaf1e6d9b12d029d1d3
SHA256

9a48d540805f4aedf42dbc5f2680937280573703c8d0d33ebf3da8f3db167e4d
SHA512

b26264e1fd67111a73239c9b5b4c77edb76f220b663e6c42b40685c6eb8b37bddbac6d6b8273b473921191bbd8f98fdc90a4c6c5fbc986edff441e877b099b36
SSDEEP

3072:10DSPZ+6bE7r8TFA1vPRFLXlXZXTBGgW1DJCAg0FukIUJeccHmr:10DSBdwUhaPnL3jFW1DMAOTUJyH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ad00343fcdc43d6a07247c53c77b0ea0.exe

Files

NEAS.ad00343fcdc43d6a07247c53c77b0ea0.exe
.exe windows:4 windows x86

524909ff5e9b404dae7a9ab3740cb443

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsA
PathGetDriveNumberA

kernel32

HeapFree
GetProcessHeap
HeapAlloc
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
GetLastError
WideCharToMultiByte
lstrlenW
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
CloseHandle
CreateMutexA
GetCurrentDirectoryA
GetProcAddress
LoadLibraryA
TerminateProcess
WaitForSingleObject
ReadFile
PeekNamedPipe
CreateProcessA
CreatePipe
GetSystemDirectoryA
WriteFile
CopyFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetPrivateProfileStringA
SetThreadPriority
TerminateThread
SuspendThread
ResumeThread
GetComputerNameA
GetDiskFreeSpaceA
GetCurrentProcess
InitializeCriticalSection
GetLocalTime
GetTickCount
GetCurrentProcessId
DeviceIoControl
GetModuleHandleW
GetSystemInfo
LocalAlloc
LocalFree
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
GetSystemTimeAsFileTime
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
UnhandledExceptionFilter
HeapSize
GetCPInfo
GetOEMCP
TlsAlloc
SetLastError
TlsFree
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
ExitProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
CreateThread
TlsGetValue
TlsSetValue
FlushInstructionCache
GlobalMemoryStatus
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
QueryPerformanceCounter
VirtualQuery
VirtualProtect
ExitThread
RtlUnwind
HeapReAlloc
RaiseException

user32

LoadImageA
KillTimer
EnableWindow
SetTimer
SetWindowTextA
DialogBoxParamA
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
SetDlgItemTextA
MessageBeep
SetFocus
GetWindowLongA
GetWindow
GetWindowRect
GetSystemMetrics
GetClientRect
SetWindowPos
GetParent
EndDialog
GetActiveWindow
MessageBoxA
PostQuitMessage
SendMessageA
IsDialogMessageA
CharNextA
CreateDialogParamA
DestroyWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
SetWindowLongA
CharPrevA
SystemParametersInfoA
MapWindowPoints
UnregisterClassA

gdi32

DeleteObject
CreateSolidBrush

comdlg32

GetOpenFileNameA

advapi32

RegCreateKeyExA
RegQueryValueExA
GetUserNameA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

VarUI4FromStr

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

524909ff5e9b404dae7a9ab3740cb443

Headers

File Characteristics

Imports

comctl32

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 12KB - Virtual size: 10KB