NEAS[.]321fd3f0bc03acd21ccf350be92c79a0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.321fd3f0bc03acd21ccf350be92c79a0.exe
Size

110KB
MD5

321fd3f0bc03acd21ccf350be92c79a0
SHA1

67419779a6f13a513c6f3565f8c3e48a16dc843f
SHA256

55df7bac79d1bb5091581e4901532a4a04ace11a67219ac2035a4216e9e14cb6
SHA512

0e64f2dcff766be935d9b7d2765deafb70c212aadfaee4fba74923382a96534fc184a396081ff3bd1b3da6915142396faac0a0c2aa72424e4773bdab3879058a
SSDEEP

1536:g7AwBo3dbR2tKWnRxa28DsONvWliOLulh5UzwYbN9Ns8zvwIH4yI0AG:NsftKWu28DsOuiOkurNsqHrI0AG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.321fd3f0bc03acd21ccf350be92c79a0.exe

Files

NEAS.321fd3f0bc03acd21ccf350be92c79a0.exe
.exe windows:5 windows x86

c71498eb56b9c34237da7e187bcc1b29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleIsRunning
EnableHookObject
CreateBindCtx
CoSwitchCallContext

shlwapi

PathGetDriveNumberA
PathCombineW
PathQuoteSpacesA
PathIsRelativeW
PathUnquoteSpacesA
IntlStrEqWorkerA
StrIsIntlEqualW

user32

WINNLSEnableIME
FindWindowW
CharLowerA
VkKeyScanExW
GetWindow
GetSystemMenu
MapVirtualKeyA
GetMenuInfo
MenuItemFromPoint
ReleaseDC
GetWindowLongW
GetMessagePos
SetActiveWindow
HideCaret
DrawFrameControl
TileChildWindows
GetSysColor
IsClipboardFormatAvailable
SetThreadDesktop
ChangeDisplaySettingsA
GetInputDesktop
FindWindowExW
DdeAbandonTransaction
ShowScrollBar
SwapMouseButton
CallWindowProcW
FindWindowExA
PeekMessageA
GetDlgItem
GetScrollPos
GetQueueStatus
SendMessageW
GetPropA
DialogBoxParamA
CharPrevExA
DdeClientTransaction
GetDCEx
SetMenuItemInfoA
SetDlgItemInt
MapVirtualKeyExW
GrayStringA
ToAscii
FlashWindow
OpenWindowStationW
DdeConnect
WINNLSGetEnableStatus
InvertRect
DdeUnaccessData
SetMessageExtraInfo
VkKeyScanExA
GetClipboardOwner
EnumWindowStationsW
DdeAddData
DlgDirListComboBoxW
IsIconic
GetKeyboardType
DefFrameProcA
TranslateAcceleratorW
CreateDialogIndirectParamW
LoadMenuW
GetCursorPos
DdeSetQualityOfService
CreateIconFromResource
CreateIconIndirect
SendDlgItemMessageW
DdeKeepStringHandle
CheckMenuItem
OpenWindowStationA
GetComboBoxInfo
CreateDesktopA
OpenDesktopW
GetWindowWord
CreateCaret
RegisterHotKey
SwitchDesktop
VkKeyScanW
RegisterWindowMessageA
GetDialogBaseUnits
DrawAnimatedRects
ReleaseCapture
GetWindowDC
FrameRect
GetKeyboardState
SetRect
ShowCaret
LoadIconA
DialogBoxParamW
GetClipboardViewer
DragDetect
GetKeyNameTextA
DlgDirListComboBoxA
GetDlgItemInt
ScrollDC
GetScrollBarInfo
DlgDirListA
MessageBoxIndirectW
TabbedTextOutA
GetActiveWindow
CharNextW
DdeQueryStringA
RegisterClipboardFormatA
DlgDirSelectExA
LoadMenuA
ScreenToClient
DrawIcon
GetWindowLongA
OpenIcon
PeekMessageW
MessageBoxExW
DdeAccessData
SendMessageCallbackA
GetWindowTextA
CharNextA
GetMenuStringW
DefDlgProcA
GetMonitorInfoA
LoadStringA
LoadAcceleratorsW
GetWindowRgn
ValidateRgn
ChangeMenuA
CreateDialogParamW
DlgDirSelectComboBoxExA
CallMsgFilterW
GetMenuItemInfoA
GetScrollInfo
EnumDesktopsA
EqualRect
ChangeDisplaySettingsExW
EnumDisplaySettingsA
InternalGetWindowText
OpenInputDesktop
IsWindowUnicode
CreateMDIWindowW
BringWindowToTop
TabbedTextOutW
IsDialogMessageA
GetClipboardFormatNameW
GetMenuStringA
SetUserObjectSecurity
ExcludeUpdateRgn
PaintDesktop
RemovePropA
CascadeChildWindows
CreateAcceleratorTableA
SetProcessDefaultLayout
CheckRadioButton
DrawStateW
DdeEnableCallback
DragObject
CharToOemBuffW
IsWindow
PackDDElParam
GrayStringW
LoadBitmapW
MessageBoxW
GetKBCodePage
EndTask
CreateWindowExA
ArrangeIconicWindows
GetCaretPos
WaitForInputIdle
CascadeWindows
GetDesktopWindow
CopyRect
GetWindowModuleFileNameA
GetMenuCheckMarkDimensions
SetMenu
GetKeyboardLayout
GetClassInfoExW
GetSubMenu
GetIconInfo
GetKeyboardLayoutNameA
EnumWindows
GetMenuBarInfo
WindowFromPoint
SetShellWindow
CallWindowProcA
CharLowerBuffW
GetDlgCtrlID
GetWindowTextLengthW
GetMessageExtraInfo
IsDlgButtonChecked
OpenClipboard
ChangeClipboardChain
GetNextDlgTabItem
SendMessageA
OemToCharBuffA
GetGuiResources
ShowWindow
DispatchMessageW
OemToCharA
ModifyMenuW
ToUnicode
DdeInitializeA
SetClassLongA
DdeUninitialize
SetDoubleClickTime
InsertMenuW
DdeReconnect
CreateMenu
CopyIcon
SetKeyboardState
SetClassLongW
CreateWindowExW
UnregisterHotKey
GetFocus
IsCharUpperW
GetMessageA
GetClassWord
GetKeyState
DdeImpersonateClient
DrawTextExW
EndMenu
SetWindowTextW
DdeDisconnect
SetMenuInfo
SetPropA

advapi32

BuildImpersonateExplicitAccessWithNameW
PrivilegedServiceAuditAlarmW
ChangeServiceConfigW
RegGetKeySecurity
CryptSignHashW
GetSecurityInfo
CryptHashData
BackupEventLogW
GetAce
RegFlushKey
CreateProcessAsUserA

kernel32

SetComputerNameW
ReadConsoleInputW
WaitForSingleObject
SetSystemTime
UpdateResourceA
SetConsoleTitleW
DeleteFileA
lstrcpyn
ReadConsoleOutputW
IsBadWritePtr
Module32Next
SetTimeZoneInformation
CreateNamedPipeW
GetVolumeInformationW
FindFirstFileExW
lstrlen
ReleaseSemaphore
EnumSystemCodePagesW
GetModuleFileNameW
CreateWaitableTimerW
GetLocalTime
GetConsoleCP
IsProcessorFeaturePresent
HeapFree
GlobalFlags
ReadConsoleOutputCharacterA
GetFullPathNameW
VirtualAlloc
LocalUnlock
OpenFileMappingA
EnumCalendarInfoW
FillConsoleOutputCharacterW
EnumCalendarInfoExA
QueryPerformanceCounter
CreateEventW
FindNextChangeNotification
FlushConsoleInputBuffer
WaitNamedPipeA
SetThreadExecutionState
VirtualFree
FormatMessageW
Thread32First
SetConsoleWindowInfo
CancelIo
HeapValidate
SetEnvironmentVariableW
GetFileType
GetDiskFreeSpaceW
MoveFileW
CancelDeviceWakeupRequest
CreatePipe
EnumDateFormatsW
FindClose
GetPrivateProfileStructA
GetShortPathNameW
VirtualFreeEx
GetHandleInformation
GetStringTypeA
GetNumberOfConsoleMouseButtons
GetProcessAffinityMask
QueryPerformanceFrequency
CreateNamedPipeA
GetDiskFreeSpaceExW
WinExec
GetLargestConsoleWindowSize
SetLocalTime
FoldStringW
FatalExit
GetThreadPriorityBoost
GetModuleFileNameA
GetLogicalDriveStringsA
EnumResourceLanguagesW
ReadConsoleA
SetThreadLocale
IsBadReadPtr
GetLogicalDriveStringsW
GlobalGetAtomNameA
GetStartupInfoA
SetConsoleCP
CreateFileMappingA
GetModuleHandleA
OpenMutexA
MoveFileA
ReadConsoleOutputCharacterW
FileTimeToDosDateTime
LocalAlloc
SetThreadPriorityBoost
DosDateTimeToFileTime
CompareFileTime
ConvertDefaultLocale
GetConsoleCursorInfo
Heap32Next
GetTempFileNameA
WriteFileGather
GetTempPathA
LoadModule
GlobalMemoryStatus
GetProfileIntA
SetWaitableTimer
GetComputerNameA
SetProcessAffinityMask
SleepEx
WritePrivateProfileStringA
ExpandEnvironmentStringsW
GetThreadLocale
SetLocaleInfoW
WriteConsoleOutputA
WriteConsoleA
GetConsoleTitleW
WaitForMultipleObjectsEx
GetConsoleOutputCP
GetCurrentProcess
GetOEMCP
Process32Next
GetSystemInfo
FreeResource
EnumSystemCodePagesA
SetConsoleScreenBufferSize
FreeLibrary
OpenEventA
LocalCompact
MapViewOfFileEx
Thread32Next
GetCompressedFileSizeW
FindResourceW
GetFileAttributesExA
GetPrivateProfileIntA
LockFile
GetExitCodeProcess
GetProcessHeap
MoveFileExW
LocalShrink
LoadLibraryExW
EnumDateFormatsA
UnhandledExceptionFilter
ExpandEnvironmentStringsA
WriteConsoleOutputCharacterW
DeleteFiber
RequestWakeupLatency
DisableThreadLibraryCalls
CreateDirectoryExW
WriteConsoleOutputW
CreateFileW
DeleteFileW
WriteProcessMemory
SetEvent
FatalAppExitA
BackupSeek
GetLongPathNameA
ResetWriteWatch
GetProcAddress
WritePrivateProfileSectionA
EnumTimeFormatsA
CreateProcessW
ScrollConsoleScreenBufferA
LocalFlags
GetProfileStringW
WriteConsoleW
SizeofResource
SwitchToThread
lstrcmpiA
GetAtomNameA
GetProfileIntW
GetTimeFormatA
GlobalGetAtomNameW
CreateConsoleScreenBuffer
GetSystemDefaultLangID
GetStringTypeExW
LoadResource
PulseEvent
RemoveDirectoryW
ConvertThreadToFiber
SetProcessWorkingSetSize
ReadDirectoryChangesW
EnumCalendarInfoA
Process32First
DuplicateHandle
GetCurrentDirectoryW
VirtualProtect
LoadLibraryA

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c71498eb56b9c34237da7e187bcc1b29

Headers

DLL Characteristics

File Characteristics

Imports

ole32

shlwapi

user32

advapi32

kernel32

Sections

.text Size: 76KB - Virtual size: 76KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 512B - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 76KB - Virtual size: 76KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 512B - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 1KB