NEAS[.]130ae96deff0601d1d7cbb1f224414e0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.130ae96deff0601d1d7cbb1f224414e0.exe
Size

539KB
MD5

130ae96deff0601d1d7cbb1f224414e0
SHA1

794e67e8b2fe6b4d90ee61f21bc1fb98e331ef20
SHA256

43e658f2a1b18bdf71ac48a8f56026bebe0e290ad82fb56b852cb6f1639decac
SHA512

108062a88891bfe1066a2b8fea279590f849cb2b69cbe893c5aef4a333db71459b86e7fa96fe1ebb1dc5fd91b4e3238d210e9d533a0b78dd675f5b4ccf8076f5
SSDEEP

6144:roG44BIuGWEYbzKcupNQVl+8HhtVe1vt2RhjCMt7nHG9AJBGR96W79JXK30vcKl7:jnBOWB6cpVlrtQ1vwRFCJqY7rl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.130ae96deff0601d1d7cbb1f224414e0.exe

Files

NEAS.130ae96deff0601d1d7cbb1f224414e0.exe
.dll windows:4 windows x86

70d48b49bfaffe8cc1bff550eeb5dbf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy

kernel32

MultiByteToWideChar
FindClose
CloseHandle
WaitForSingleObject
SetEvent
SetThreadPriority
CreateEventA
GetModuleHandleA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentThread
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
WideCharToMultiByte
GetPrivateProfileStringA
WritePrivateProfileStringA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentDirectoryA
SetCurrentDirectoryA
ExitProcess
GetProcAddress
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
FormatMessageA
LoadLibraryA
GetThreadLocale
RtlUnwind
GetLastError
HeapFree
HeapReAlloc
HeapAlloc
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
GetVersionExA
GetProcessHeap
RaiseException
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
VirtualAlloc
HeapSize
TerminateProcess
SetEnvironmentVariableA

user32

InsertMenuItemA
SendMessageA
LoadMenuA
GetClientRect
DrawTextA
DefWindowProcA
LoadCursorA
RegisterClassA
GetParent
GetClassNameA
BeginPaint
GetWindow
IsWindowVisible
GetSysColor
EndPaint
GetFocus
GetAsyncKeyState
GetCapture
GetWindowRect
ScreenToClient
SetWindowPos
ShowWindow
SetFocus
GetCursorPos
SetCapture
MessageBoxA
CreatePopupMenu
ReleaseCapture
TrackPopupMenu
DestroyMenu
KillTimer
SetTimer
IsChild
GetDC
ReleaseDC
LoadImageA
DestroyIcon
UnregisterClassA
DialogBoxParamA
CreateDialogParamA
DestroyWindow
InvalidateRect
IsDlgButtonChecked
CheckDlgButton
GetDlgItem
PostMessageA
SetWindowLongA
GetWindowLongA
SendDlgItemMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA

gdi32

CreateFontA
SelectObject
SetBkMode
SetTextColor
BitBlt
CreateRectRgnIndirect
RectInRegion
CombineRgn
DeleteObject
CreateSolidBrush
FillRgn
GetDeviceCaps

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

DragQueryFileA
DragFinish

Exports

Exports

VSTPluginMain

Sections

.text
Size: 388KB - Virtual size: 387KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70d48b49bfaffe8cc1bff550eeb5dbf5

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 388KB - Virtual size: 387KB

.text1 Size: 4KB - Virtual size: 3KB

.rdata Size: 89KB - Virtual size: 89KB

.data Size: 11KB - Virtual size: 25KB

.data1 Size: 5KB - Virtual size: 5KB

.trace Size: 10KB - Virtual size: 10KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 388KB - Virtual size: 387KB

.text1
Size: 4KB - Virtual size: 3KB

.rdata
Size: 89KB - Virtual size: 89KB

.data
Size: 11KB - Virtual size: 25KB

.data1
Size: 5KB - Virtual size: 5KB

.trace
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 19KB - Virtual size: 19KB