NEAS[.]4ec90d72a6eb6179c368326cf8c00ff0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4ec90d72a6eb6179c368326cf8c00ff0.exe
Size

252KB
MD5

4ec90d72a6eb6179c368326cf8c00ff0
SHA1

f7d0fcd29ca090c03c8ed3ceaae6979821ff8658
SHA256

9ece7217d1f3a6b51d78dce413016f394f6a514b80d57f965968b99ff07c0489
SHA512

f688b3c78dff1ead64a2f535a0a889b6ee163851b2ac0f0d2bf470bffeeebeca95904b6309403f3484a55bbd7fc0090fc1b1f0e1965a93c8bcfc0103a741acf3
SSDEEP

3072:c4QDICc//ri+nFwG2obhHBcon4FKCCuh+rO1rJ56pUAasE26bGEKKRbFTDpSt6gx:zQ0TOIwGtcK4Fkuh356iPp2Hc5/gJT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4ec90d72a6eb6179c368326cf8c00ff0.exe

Files

NEAS.4ec90d72a6eb6179c368326cf8c00ff0.exe
.exe windows:4 windows x86

a8c840a055528f80e97f35860df3e5cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
GetWindow
GetWindowLongA
FillRect
GetForegroundWindow
SetFocus
SendDlgItemMessageA
GetDlgItem
SetDlgItemTextA
GetDlgItemTextA
UnionRect
GetClassNameA
EqualRect
UpdateWindow
IsRectEmpty
GetUpdateRect
IsWindowVisible
EnumWindows
GetCursorPos
PtInRect
SetCursor
KillTimer
GetDesktopWindow
MessageBoxA
SetWindowLongA
GetParent
DestroyCursor
EndDialog
GetClientRect
MoveWindow
DialogBoxParamA
IsWindow
LoadIconA
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
IntersectRect
CreateWindowExA
FindWindowA
GetWindowRect
GetDC
ReleaseDC
CopyRect
SetRectEmpty
SetRect
OffsetRect
PostMessageA
DefWindowProcA
SetClassWord
GetAsyncKeyState
BeginPaint
EndPaint
LoadCursorA
InvalidateRect
SetTimer
DestroyWindow
SetWindowPos

winmm

mciSendCommandA
sndPlaySoundA

kernel32

HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
VirtualAlloc
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
VirtualFree
WriteFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
MulDiv
FreeResource
LockResource
LoadResource
FindResourceA
SizeofResource
GetLastError
GetFileType
GlobalFree
GlobalUnlock
GlobalLock
_lclose
OpenFile
GetTempFileNameA
GetTempPathA
LocalFree
LocalUnlock
LocalLock
LocalAlloc
GlobalReAlloc
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
CloseHandle
UnmapViewOfFile
ReadFile
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetStdHandle
SetHandleCount
FreeEnvironmentStringsW
HeapSize
SetStdHandle
GetEnvironmentStrings
WideCharToMultiByte
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetModuleFileNameA
HeapAlloc
GetCurrentProcess
TerminateProcess
GetVersion
HeapFree
ExitProcess
GetModuleHandleA
GetCommandLineA
GetStartupInfoA
RtlUnwind
GlobalAlloc
WinExec
GetTickCount
SetFilePointer
DeleteFileA
FlushFileBuffers
SetEndOfFile

gdi32

GetDeviceCaps
CreateRectRgnIndirect
SetRectRgn
SelectClipRgn
SetTextColor
SetBkMode
SelectObject
GetTextExtentPoint32A
CreateFontIndirectA
TextOutA
RealizePalette
SelectPalette
GetStockObject
DeleteDC
SetBkColor
GetObjectA
SetMapMode
GetMapMode
BitBlt
CreateBitmap
GetPixel
CreateCompatibleBitmap
DeleteObject
CreateDIBitmap
CreatePalette
CreateCompatibleDC
CreateSolidBrush

comdlg32

GetSaveFileNameA

shell32

ShellExecuteA

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8c840a055528f80e97f35860df3e5cc

Headers

File Characteristics

Imports

user32

winmm

kernel32

gdi32

comdlg32

shell32

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 152KB - Virtual size: 150KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 152KB - Virtual size: 150KB