NEAS[.]29319ae6af95a8e682b7ef5a7e655e90[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.29319ae6af95a8e682b7ef5a7e655e90.exe
Size

6.1MB
MD5

29319ae6af95a8e682b7ef5a7e655e90
SHA1

4e99e1051948f5fe3bc2d4127d869db8be8ccdf8
SHA256

0c9a0701b4587ad60efd13261159ccf7459aa91326c5398f6b996736ef4fd5ba
SHA512

b5e63ca818ec02e39f1898f97df47157ccbe154a74cb530a7b35d4c141adeea4ac4124ad7553b1e90bed2446054a566dc60ae4cb97653c5512ffb65216993638
SSDEEP

196608:Sa+SfViblUHpgam3w2+wQtnKyFSTtmOZ3lzPj:Sa+SWlUHpe3w2Qk1T4Y1zP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.29319ae6af95a8e682b7ef5a7e655e90.exe

Files

NEAS.29319ae6af95a8e682b7ef5a7e655e90.exe
.dll windows:6 windows x86

65282088addf6a1d21982594505130f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
WriteConsoleW
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetFileType
GetStdHandle
HeapSize
GetModuleHandleExW
ExitProcess
GetProcessHeap
IsDebuggerPresent
ReadConsoleW
CreateFileW
GetStringTypeW
GetCPInfoExW
Beep
IsValidLocale
GetUserDefaultLCID
HeapFree
CreateThread
GetSystemTime
GetThreadTimes
GetCurrentProcessId
EnumResourceTypesW
GetSystemInfo
GetExitCodeThread
CreateProcessA
MulDiv
GetFileAttributesA
GetExitCodeProcess
GetSystemTimeAsFileTime
FormatMessageW
QueryPerformanceCounter
CompareFileTime
GetTempFileNameW
SetEndOfFile
SetFilePointer
GlobalMemoryStatus
GetOEMCP
EnumSystemLocalesW
GetLocaleInfoW
LCMapStringW
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetLastError
HeapReAlloc
GetCommandLineA
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress

user32

MessageBoxA
EnableMenuItem
CreateCaret
BeginPaint
SetRect
SetClassLongA
ClientToScreen
SetCursor
GetDlgItemInt
HideCaret
SendDlgItemMessageA
KillTimer
CharLowerBuffW
GetDoubleClickTime
GetWindowThreadProcessId
SetPropA
CreateIconIndirect
LoadMenuW
GetWindowLongW
SystemParametersInfoW
GetClassNameW
DrawStateW
DefWindowProcA
CheckDlgButton
EnableScrollBar
IsWindow
SystemParametersInfoA
ScrollWindowEx
SetScrollInfo
GetMonitorInfoW
CheckMenuItem

gdi32

ExtCreatePen
SetPixel
CreateRectRgnIndirect
RealizePalette
GetObjectType
GetPixel
GetStockObject
CreateSolidBrush
SetPolyFillMode
GetEnhMetaFileHeader
CreateCompatibleDC
RectInRegion
ExtCreateRegion
SelectPalette
GetObjectW
CreateRectRgn
GetTextExtentPointA
UpdateColors
CreatePen

comdlg32

GetSaveFileNameW

advapi32

GetLengthSid
SetSecurityDescriptorDacl
RegSetValueExW
RegCloseKey
SetSecurityDescriptorOwner
RegOpenKeyExA

ole32

CoTaskMemFree

oleaut32

SafeArrayGetLBound

Sections

.text
Size: 465KB - Virtual size: 465KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65282088addf6a1d21982594505130f8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 465KB - Virtual size: 465KB

.data Size: 5.6MB - Virtual size: 5.6MB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 465KB - Virtual size: 465KB

.data
Size: 5.6MB - Virtual size: 5.6MB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 12KB - Virtual size: 11KB