NEAS[.]b9b24b2f9bd9587d3ea62a7e81da5940[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b9b24b2f9bd9587d3ea62a7e81da5940.exe
Size

636KB
MD5

b9b24b2f9bd9587d3ea62a7e81da5940
SHA1

2cbede99cfa17bd8f093413fbb0190869be10507
SHA256

56b5b94d616fc0628c3ae770dce2f627b514c28b626449dad792ffbf12fce158
SHA512

99fdc0069714a1c05bc70f127167490ecce4ca6929c6149ea3e64190847b7e656fd10af1ae3492b8167e1acb551f2e50ba0c5bc5c4b576720aa30ae0d4b321c1
SSDEEP

12288:chrcN3PcJIQbl9Cv/Z62Kja+g9No/ouRJi:2cN3Pun9C3Z62A4No/VJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b9b24b2f9bd9587d3ea62a7e81da5940.exe

Files

NEAS.b9b24b2f9bd9587d3ea62a7e81da5940.exe
.dll windows:6 windows x64

a3661b49e7e47cf4628fa8abe808537f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetProcAddress
GetEnvironmentVariableW
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
TlsGetValue
TlsSetValue
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
MultiByteToWideChar
GetProcessHeap
CloseHandle
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetLastError
Sleep
GetCurrentProcessId
GetDynamicTimeZoneInformation
GetStdHandle
WriteFile
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
WriteConsoleW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapSize
WideCharToMultiByte
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObjectEx
GetExitCodeThread
LocalFree
FormatMessageA
GetLocaleInfoEx
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
AreFileApisANSI
GetFileInformationByHandleEx
GetStringTypeW
SetEndOfFile
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
CompareStringEx
GetCPInfo
LCMapStringEx
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
InitializeSListHead
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
SetLastError
TlsAlloc
TlsFree
LoadLibraryExW
RtlUnwind
GetModuleHandleExW
SetStdHandle
GetFileType
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleOutputCP
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation

user32

MessageBoxW

shell32

SHGetFolderPathW

Exports

Exports

SKSEPlugin_Load
SKSEPlugin_Query
SKSEPlugin_Version

Sections

.text
Size: 451KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3661b49e7e47cf4628fa8abe808537f

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 451KB - Virtual size: 450KB

.rdata Size: 138KB - Virtual size: 138KB

.data Size: 18KB - Virtual size: 25KB

.pdata Size: 23KB - Virtual size: 22KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 451KB - Virtual size: 450KB

.rdata
Size: 138KB - Virtual size: 138KB

.data
Size: 18KB - Virtual size: 25KB

.pdata
Size: 23KB - Virtual size: 22KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 4KB - Virtual size: 3KB