NEAS[.]053260764f53fab6b19835c6357d62f0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.053260764f53fab6b19835c6357d62f0.exe
Size

327KB
MD5

053260764f53fab6b19835c6357d62f0
SHA1

0d08ffdc055644d9976ffb06c15d1ac2efc72298
SHA256

8357bb9a36335f41476c87170ad39c8c809836f567bef9afe3af8b488209ac7b
SHA512

9ff896b24cbc654932b08be16929975143c31334796bbf0b5a3d38588e75ffd858188e69afb9d640673fc9b1a556e32bc1ea26f4f9ffa5e96287b493016c452a
SSDEEP

6144:klnK0oqr5dVCPsFApTQqK9cf/pV7jZl0UEcUKUuKAUfSmTh1quDHyh:mK+ldp+QqKE/LJEThdrSmN1lT0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.053260764f53fab6b19835c6357d62f0.exe

Files

NEAS.053260764f53fab6b19835c6357d62f0.exe
.dll windows:6 windows x86

dedbe74ee1f4f05619b2a661fe2b00ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetShortPathNameA
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VerSetConditionMask
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VerifyVersionInfoW
FreeLibrary
LoadLibraryW
LoadLibraryA
OutputDebugStringA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
GetLastError
InitializeSListHead

user32

UnhookWindowsHookEx
CallNextHookEx
DefWindowProcA
RegisterClassExA
GetClassInfoExA
EnableWindow
GetClientRect
GetWindowRect
InflateRect
LoadCursorA
LoadIconA
DestroyIcon
SetWindowsHookExA
GetMonitorInfoA
OffsetRect
GetParent
SetWindowLongA
GetWindowLongA
InvalidateRect
GetUpdateRect
KillTimer
SetTimer
IsWindowVisible
SetWindowPos
ShowWindow
DestroyWindow
CallWindowProcA
GetSysColor
MonitorFromRect
LoadStringA
SendMessageA
CreateWindowExA
GetDC
ReleaseDC
GetDesktopWindow
IsChild
SetFocus
GetFocus
GetWindow

gdi32

GetClipBox
CreateCompatibleDC
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
GetObjectA
PatBlt
CreateSolidBrush
GetStockObject
CreateCompatibleBitmap

msvcp140

?_Xlength_error@std@@YAXPBD@Z

vcruntime140

__std_exception_copy
__std_type_info_destroy_list
__std_exception_destroy
__std_terminate
memcpy
memmove
memset
strrchr
_CxxThrowException
__CxxFrameHandler3
_purecall
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_cexit
_crt_atexit
_initterm_e
_execute_onexit_table
_seh_filter_dll
_initterm

api-ms-win-crt-string-l1-1-0

strlen
_strupr
strcmp
strcpy
strcat

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-utility-l1-1-0

labs

api-ms-win-crt-multibyte-l1-1-0

_mbscmp
_mbsnbicmp

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-math-l1-1-0

_except1

Exports

Exports

GetAcrobatMPPInterface

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dedbe74ee1f4f05619b2a661fe2b00ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 21KB - Virtual size: 21KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 232KB - Virtual size: 232KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 232KB - Virtual size: 232KB