NEAS[.]6937380d56204bfc934026c78410b3b0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6937380d56204bfc934026c78410b3b0.exe
Size

3.4MB
MD5

6937380d56204bfc934026c78410b3b0
SHA1

a762292eebb8fd05cbd002ec080a320f4fc7009d
SHA256

4a62bbc3afe6c5e29c75b8a550ce0ec7d698bf1f34f8e29cef5edd1eb7cc1a75
SHA512

1a3e4224648e87bd5ff66002005388342c41c58fcf4d6442739512723f5697c8ff907f65080c5445017a06a97a20c84f825ec617befe28136689485c1a6cc7c4
SSDEEP

49152:JLfqyO5jB0KY6q+QCjz/3XqJP3+1ofxWpl1VZ:JLG5k6qbPu1ofsf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6937380d56204bfc934026c78410b3b0.exe

Files

NEAS.6937380d56204bfc934026c78410b3b0.exe
.exe windows:4 windows x86

e691a22fb9fb782ee5563a8048acd4e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
ResumeThread
VirtualProtectEx
CreateProcessA
OpenProcess
ReadFile
GetFileSize
CreateFileA
GetWindowsDirectoryA
MapViewOfFile
CreateFileMappingA
CreateThread
WideCharToMultiByte
GetProcAddress
LoadLibraryA
WriteFile
MultiByteToWideChar
VirtualFree
VirtualAllocEx
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
SetFilePointer
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
CopyFileA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapAlloc
GetCurrentProcess
TerminateProcess
GetModuleFileNameA
InterlockedIncrement
OutputDebugStringA
InterlockedDecrement
GetStdHandle
DebugBreak
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapValidate
IsBadReadPtr
IsBadWritePtr
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
lstrlenA
FreeLibrary
WriteProcessMemory
CreateMutexA
GetLastError
CloseHandle
Sleep
ReadProcessMemory
RtlUnwind
SetEnvironmentVariableA

user32

GetWindow
PostMessageA
SendMessageA
GetWindowTextA
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
DefWindowProcA
PostQuitMessage
KillTimer
EndPaint
BeginPaint
DestroyWindow
WaitForInputIdle
GetWindowThreadProcessId
wsprintfA
SetWindowTextA
InvalidateRect
GetWindowLongA
SetLayeredWindowAttributes
UpdateWindow
ClientToScreen
GetClientRect
SetCapture
MoveWindow
ReleaseCapture
FindWindowExA
CallWindowProcA
GetParent
keybd_event
GetAsyncKeyState
SetWindowRgn
SendMessageTimeoutA
SetWindowLongA
LoadBitmapA
CheckRadioButton
SetFocus
MessageBoxA
SetTimer
FindWindowA

gdi32

BitBlt
SetBkMode
CreateRoundRectRgn
CreateFontA
CreateCompatibleDC
SelectObject
DeleteObject
DeleteDC
SetTextColor
TextOutA
GetStockObject

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocStringLen
SysFreeString

ws2_32

WSAAsyncSelect
ioctlsocket
socket
recv
send
WSACleanup
WSAStartup
connect
gethostbyname
inet_ntoa
inet_addr
htons
closesocket

winmm

PlaySoundA

wininet

DeleteUrlCacheEntry

urlmon

URLDownloadToFileA

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e691a22fb9fb782ee5563a8048acd4e2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

ws2_32

winmm

wininet

urlmon

Sections

.text Size: 348KB - Virtual size: 347KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 12KB - Virtual size: 196KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 3.0MB - Virtual size: 3.0MB

.reloc Size: 40KB - Virtual size: 36KB

.text
Size: 348KB - Virtual size: 347KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 12KB - Virtual size: 196KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

.reloc
Size: 40KB - Virtual size: 36KB