Static task: static1
Behavioral task: behavioral1
Sample: NEAS.b72e5a04838b5228986c80d16d801500.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: NEAS.b72e5a04838b5228986c80d16d801500.exe
Resource: win10v2004-20231020-en
General
Target: NEAS.b72e5a04838b5228986c80d16d801500.exe
Size: 3.2MB
MD5: b72e5a04838b5228986c80d16d801500
SHA1: 1547289712e518c844ca5107356b026e27e65dc0
SHA256: 0da50c7359f81bc5aa14383fdb59b2992b31b34cf261cb177fe55647fd9e8eba
SHA512: d952d4af08725a1b26ea4b29bc65c8fbd7bed49c810d7c323340191649821155565c4fa46ed0703383bf46b8cac489fd1b850af4c94299f9130937983f35f6c2
SSDEEP: 98304:SYy2kYif6/4SXEWbx8GgigXpgJ69UeL47o:Y2kTyUAgigNUeL47
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: NEAS.b72e5a04838b5228986c80d16d801500.exe
Files
-
NEAS.b72e5a04838b5228986c80d16d801500.exe.exe windows:6 windows x86
14f3c6ac6e6ee90ff517f6f459a13836
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
PlaySoundW
kernel32
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetACP
ExitProcess
GetStdHandle
SetStdHandle
HeapQueryInformation
GetSystemInfo
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
IsValidLocale
GetTimeZoneInformation
SetEnvironmentVariableA
FindNextFileW
FindFirstFileExW
GetConsoleMode
GetConsoleCP
GetFileType
SetFilePointerEx
RtlUnwind
GetStringTypeW
LCMapStringW
OutputDebugStringW
EnumSystemLocalesW
WriteConsoleW
IsValidCodePage
GetOEMCP
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
SearchPathW
GetProfileIntW
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GetCurrentDirectoryW
lstrcpyW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FileTimeToSystemTime
GlobalGetAtomNameW
GetCurrentThread
GetThreadLocale
InitializeCriticalSectionAndSpinCount
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
lstrcmpA
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
FormatMessageW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
GetLocalTime
CopyFileW
LeaveCriticalSection
ExpandEnvironmentStringsW
EnterCriticalSection
VirtualProtect
SetUnhandledExceptionFilter
GetCurrentProcessId
LocalFree
SetErrorMode
InitializeCriticalSection
GetCommandLineW
GetModuleHandleW
VirtualProtectEx
SetProcessWorkingSetSize
GetCurrentProcess
VirtualQuery
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetModuleFileNameW
VirtualAlloc
CloseHandle
WaitForSingleObject
GetPrivateProfileStringW
GetUserDefaultLangID
GetPrivateProfileIntW
WritePrivateProfileStringW
WideCharToMultiByte
lstrcpynW
FreeLibrary
GetProcAddress
LoadLibraryW
FreeResource
lstrcmpiW
FindResourceW
LoadResource
LockResource
MultiByteToWideChar
FreeEnvironmentStringsW
GetVersion
GetVersionExW
GetCPInfo
lstrlenW
SizeofResource
GetTickCount
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
GetEnvironmentStringsW
user32
LoadMenuW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
IntersectRect
MapVirtualKeyW
GetKeyNameTextW
DestroyMenu
TranslateMessage
GetMessageW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongW
EqualRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
GetScrollRange
SetScrollRange
GetScrollPos
ScrollWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
CreateDialogIndirectParamW
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
SetWindowLongW
SetRectEmpty
EndPaint
BeginPaint
GetMenuStringW
InvalidateRgn
PostThreadMessageW
EnumChildWindows
GetClassNameW
PrintWindow
GetWindowTextW
LoadIconW
GetWindowDC
IsRectEmpty
UpdateWindow
CharUpperW
GetNextDlgGroupItem
MessageBeep
RegisterWindowMessageW
UnregisterClassW
SendMessageW
EnableWindow
ReleaseDC
IsWindow
BringWindowToTop
SetScrollPos
ShowScrollBar
RedrawWindow
LockWindowUpdate
SetCapture
ReleaseCapture
SetForegroundWindow
DefWindowProcW
GetFocus
ScreenToClient
GetClassInfoW
SetTimer
LoadCursorW
EndDialog
SendDlgItemMessageA
CharNextW
PostQuitMessage
ShowOwnedPopups
WaitMessage
SetWindowContextHelpId
MapDialogRect
RealChildWindowFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
KillTimer
PtInRect
DrawFrameControl
GetCursorPos
SetWindowRgn
IsIconic
GetWindowLongW
PostMessageW
GetWindowRect
InflateRect
GetIconInfo
WindowFromPoint
CopyImage
GetAsyncKeyState
GetSystemMenu
SetParent
TrackMouseEvent
EndDeferWindowPos
CopyAcceleratorTableW
UnionRect
GetMenuDefaultItem
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
OpenClipboard
CloseClipboard
SetClipboardData
CreateMenu
SystemParametersInfoW
DrawEdge
GetSysColorBrush
GetDesktopWindow
DrawIconEx
SetRect
DrawTextW
AppendMenuW
RemoveMenu
InsertMenuW
DrawTextExW
LoadBitmapW
GetSysColor
CopyRect
DestroyIcon
GetSubMenu
CreatePopupMenu
GetSystemMetrics
DeleteMenu
FillRect
GetMenuItemCount
GrayStringW
GetDC
GetMenuItemID
ModifyMenuW
GetMenuState
GetMenuItemInfoW
TabbedTextOutW
GetNextDlgTabItem
InvalidateRect
LoadImageW
GetParent
GetClientRect
SetCursor
DrawFocusRect
FrameRect
DrawStateW
ClientToScreen
CreateIconIndirect
IsMenu
OffsetRect
GetActiveWindow
DestroyCursor
EmptyClipboard
IsZoomed
SetCursorPos
CopyIcon
DrawIcon
RegisterClipboardFormatW
UpdateLayeredWindow
GetWindowRgn
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
GetDoubleClickTime
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
PeekMessageW
MonitorFromPoint
gdi32
GetStockObject
FillRgn
CombineRgn
PtInRegion
CreateRectRgn
CreateRoundRectRgn
CreateRectRgnIndirect
FrameRgn
GetTextMetricsW
GetCurrentObject
GetBkColor
GetDIBits
CopyMetaFileW
CreateDCW
CreatePatternBrush
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontW
GetCharWidthW
StretchDIBits
GetMapMode
SetRectRgn
DPtoLP
GetTextColor
GetRgnBox
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
StretchBlt
SetDIBColorTable
CreateEllipticRgn
CreatePolygonRgn
Polygon
Polyline
LPtoDP
OffsetRgn
RoundRect
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
SetBkColor
CreateBitmap
BitBlt
CreateCompatibleBitmap
SelectObject
CreateDIBSection
GetBkMode
RectVisible
SetPixel
PatBlt
CreateHatchBrush
GetDeviceCaps
GetPixel
DeleteDC
TextOutW
GetTextExtentPoint32W
CreatePen
Rectangle
GetObjectW
Ellipse
DeleteObject
CreateSolidBrush
CreateFontIndirectW
Escape
PtVisible
CreateCompatibleDC
ExtTextOutW
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegQueryValueExW
RegEnumKeyExW
shell32
ShellExecuteW
CommandLineToArgvW
DragQueryFileW
DragFinish
SHGetFileInfoW
SHAppBarMessage
SHBrowseForFolderW
ShellExecuteExW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
comctl32
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Draw
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent
ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_GetBkColor
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindExtensionW
PathRemoveFileSpecW
uxtheme
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
ole32
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
VariantCopy
VarBstrFromDate
LoadTypeLi
SafeArrayDestroy
SysFreeString
SysAllocStringLen
SysStringLen
SysAllocString
VariantInit
VariantClear
VariantChangeType
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
oledlg
OleUIBusyW
ws2_32
WSASetLastError
WSCGetProviderPath
WSCEnumProtocols
WSACleanup
WSAStartup
shutdown
ntohl
send
ntohs
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipAlloc
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipFree
GdiplusShutdown
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 553KB - Virtual size: 552KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 157KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ