NEAS[.]2e73d4ef14b6fdf285ea4dfbee8ef780[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2e73d4ef14b6fdf285ea4dfbee8ef780.exe
Size

1.9MB
MD5

2e73d4ef14b6fdf285ea4dfbee8ef780
SHA1

37a3caaa55ecf003d6a2bf1cd17a7d740077385b
SHA256

71b369ec7c4ff40e813fa9096b8afd95f2bb66dd10d2f8d676505591695f795a
SHA512

96480b6b38e24aca433af73110bcd1534475cd831c565986993afcde1f6516a027118ffde2c850e5f5a6b6439ddf9df045e6ca3357425498370e3f33ecf0756a
SSDEEP

24576:sBBv47mSti+ha/TBvu04Nz1yteT0PN+RiMR7vPJshLqBwc+whAisiKkqo0KfSpHx:kaoM0Ozj0PgVPxdmoHrkX/s3qttYJRQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2e73d4ef14b6fdf285ea4dfbee8ef780.exe

Files

NEAS.2e73d4ef14b6fdf285ea4dfbee8ef780.exe
.dll regsvr32 windows:5 windows x86

f6c473e91b22ab623402c87a539b1396

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CreateStreamOnHGlobal
CreateBindCtx
CoCreateFreeThreadedMarshaler
StringFromCLSID
CoTaskMemFree
CLSIDFromProgID
CoCreateGuid
CoTaskMemAlloc
CoCreateInstance

shlwapi

PathIsURLW
StrCmpNW
StrToIntW
StrCmpNIW
StrCmpW
PathSearchAndQualifyW
UrlCreateFromPathW
PathCreateFromUrlW
UrlCanonicalizeW
UrlGetLocationW
UrlIsW
PathIsRelativeW
UrlUnescapeW

kernel32

LoadResource
LocalAlloc
CreateFileW
ReadFile
SetEndOfFile
InterlockedCompareExchange
FlushFileBuffers
SetStdHandle
GetProcAddress
LoadLibraryA
FreeLibrary
MultiByteToWideChar
GetModuleFileNameA
ExpandEnvironmentStringsA
TlsGetValue
OutputDebugStringW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
HeapFree
HeapSize
HeapAlloc
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetProcessHeap
CloseHandle
TlsSetValue
GetLastError
DuplicateHandle
GetCurrentThread
GetModuleHandleA
GetVersionExA
TlsAlloc
TlsFree
InitializeCriticalSection
WaitForSingleObject
ReleaseSemaphore
InterlockedExchange
CreateSemaphoreA
CreateEventW
Sleep
GetExitCodeThread
VirtualQuery
GetThreadContext
ResumeThread
SuspendThread
SetEvent
ResetEvent
HeapDestroy
HeapCreate
SetLastError
GetSystemInfo
RaiseException
WideCharToMultiByte
FormatMessageA
LoadLibraryExA
LocalFree
FindResourceW
FormatMessageW
FindClose
FindNextFileA
FindFirstFileA
GetUserDefaultLCID
GetSystemDefaultLCID
GetSystemDefaultLangID
LoadLibraryW
FileTimeToSystemTime
SystemTimeToFileTime
CreateEventA
GetVersionExW
GetThreadLocale
GetTimeFormatW
GetDateFormatW
CompareStringW
GetCPInfo
GetCommandLineA
VirtualProtect
RtlUnwind
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
HeapReAlloc
GetACP
GetOEMCP
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LCMapStringA
LCMapStringW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 674KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6c473e91b22ab623402c87a539b1396

Headers

File Characteristics

Imports

ole32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 83KB - Virtual size: 85KB

.rsrc Size: 119KB - Virtual size: 119KB

.reloc Size: 674KB - Virtual size: 676KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 83KB - Virtual size: 85KB

.rsrc
Size: 119KB - Virtual size: 119KB

.reloc
Size: 674KB - Virtual size: 676KB