NEAS[.]3a2781abfe25d5aee86501ba54569f80[.]exe

General

Target

NEAS.3a2781abfe25d5aee86501ba54569f80.exe
Size

32KB
MD5

3a2781abfe25d5aee86501ba54569f80
SHA1

3c6c70117ed541b2527be4c29b5a597daf3a68e7
SHA256

893812c535ec162edad1cf7732ac02545d652b0a3a4203e9638685cf4b913b39
SHA512

c95aa581a5bceda8e9aa556133aed1eae7881cc3733e1f0e55519003fa2c8eff848e5329a43829311979f3d5b972d3b0c6817b7cacde67329180e3d9b92a592b
SSDEEP

384:pThH8GCwE4F0PWSNMzgG1UNS7qSBdJ+RFc7C1Wmx9qB9:pThH8j19vNrNLSDJYyIHLW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3a2781abfe25d5aee86501ba54569f80.exe

Files

NEAS.3a2781abfe25d5aee86501ba54569f80.exe
.exe windows:4 windows x86

2cc1409e4a2d621ea306114c72415323

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord2756
ord922
ord5568
ord2910
ord4199
ord6655
ord541
ord801
ord539
ord6874
ord5857
ord4197
ord5679
ord540
ord5706
ord858
ord6868
ord4124
ord860
ord537
ord535
ord538
ord3806
ord2810
ord2812
ord940
ord942
ord1197
ord800
ord825
ord861

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
_onexit
__dllonexit
wcslen
wcscmp
wcschr
free
malloc
strlen
__CxxFrameHandler
_except_handler3
_strnicmp

kernel32

GetModuleHandleA
GetCommandLineW
WideCharToMultiByte
WriteFile
CreateDirectoryW
GetLastError
FormatMessageW
CreateFileW
CloseHandle
SetFilePointer
GetStartupInfoA
LocalFree

user32

MessageBoxW

advapi32

RegQueryInfoKeyW
RegCreateKeyExW
RegEnumValueW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegConnectRegistryW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cc1409e4a2d621ea306114c72415323

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

user32

advapi32

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 275KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 275KB

.rsrc
Size: 4KB - Virtual size: 1KB