NEAS[.]0be1516d8713fb4024d585ce205d8630[.]exe

General

Target

NEAS.0be1516d8713fb4024d585ce205d8630.exe
Size

107KB
MD5

0be1516d8713fb4024d585ce205d8630
SHA1

e75a195143197e8f84f4ab81107d67aaccdc7677
SHA256

feca13c466d43774508d557d2da7b952c1f3eda0d42e309c2e3090fbba0ab6ec
SHA512

c5d0befcef383af93ddb0410fa6a67120fa68f9e078c8aa6bf772b70b2127fc30b129e16e057114565c40bc596237d1c3fde1a54538f46296adb9892279a4135
SSDEEP

1536:VjZvq7YeUNFxycA1LvRH5dFWZ/tTJoGLsSi8fK:hG1cFtTJKS1S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0be1516d8713fb4024d585ce205d8630.exe

Files

NEAS.0be1516d8713fb4024d585ce205d8630.exe
.exe windows:4 windows x86

d32c6c13eb89a07011d5505ab7dbbd8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathRemoveFileSpecA
PathCombineA

kernel32

ExitProcess
FlushFileBuffers
GetFileAttributesA
CloseHandle
SetCurrentDirectoryA
DeleteFileA
SetEnvironmentVariableA
GetEnvironmentVariableA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
ReadProcessMemory
GetLastError
VirtualQueryEx
VirtualAllocEx
WriteProcessMemory
VirtualProtectEx
ResumeThread
CreateProcessA
GetProcAddress
LoadLibraryA
GetCurrentProcess
SetLastError
GetModuleHandleA
CreateFileA
WriteConsoleW
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
Sleep
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP

user32

MessageBoxA

comdlg32

GetOpenFileNameA

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d32c6c13eb89a07011d5505ab7dbbd8b

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

comdlg32

Sections

.text Size: 84KB - Virtual size: 84KB

.rsrc Size: 22KB - Virtual size: 24KB

.text
Size: 84KB - Virtual size: 84KB

.rsrc
Size: 22KB - Virtual size: 24KB