NEAS[.]695d9dcfc6515dcb6f316536abdfc380[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.695d9dcfc6515dcb6f316536abdfc380.exe
Size

44KB
MD5

695d9dcfc6515dcb6f316536abdfc380
SHA1

a8c025781f055b36e40411b2da51de5d2c8796f5
SHA256

f2d38f94256c01982d78ee3cb4bb4354aa55813857bbbd71ce1cbc06560abb84
SHA512

4fcde475714cc5d9c5ea30ec64de752b91dd3e22605c9751a418b6e8b87dc35defd0d8e65febb9dfcdb0d657a1c4cab9b125ce15304507fde8a4cf909bac8462
SSDEEP

768:YTDzrhDPClswvsKbUmk7HzhbanF0Tup+7OO5MdAK4sVIEPAU:YTDzrheqwvswvk7Qnqa+iOGAK4s+EPAU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.695d9dcfc6515dcb6f316536abdfc380.exe

Files

NEAS.695d9dcfc6515dcb6f316536abdfc380.exe
.exe windows:4 windows x86

3dc1f6a79ccab850f867e6ed2836780e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CreateSemaphoreA
ExitProcess
FindAtomA
GetAtomNameA
GetCommandLineA
GetCommandLineW
GetLastError
GetModuleHandleA
GetStartupInfoA
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject

mingwm10

__mingwthr_key_dtor

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
fflush
fprintf
free
malloc
memset
signal
strcmp

qtcore4

_Z21qRegisterResourceDataiPKhS0_S0_
_Z23qUnregisterResourceDataiPKhS0_S0_
_Z5qFreePv
_Z7qMallocj
_Z7qMemSetPvij
_Z8qReallocPvj
_Z8qWinMainP11HINSTANCE__S0_PciRiR7QVectorIS1_E
_ZN10QByteArray11shared_nullE
_ZN10QByteArray7reallocEi
_ZN10QByteArrayaSEPKc
_ZN10QByteArrayaSERKS_
_ZN11QVectorData6mallocEiiiPS_
_ZN18QAbstractItemModel10insertRowsEiiRK11QModelIndex
_ZN18QAbstractItemModel10removeRowsEiiRK11QModelIndex
_ZN18QAbstractItemModel11qt_metacallEN11QMetaObject4CallEiPPv
_ZN18QAbstractItemModel11qt_metacastEPKc
_ZN18QAbstractItemModel11setItemDataERK11QModelIndexRK4QMapIi8QVariantE
_ZN18QAbstractItemModel12dropMimeDataEPK9QMimeDataN2Qt10DropActionEiiRK11QModelIndex
_ZN18QAbstractItemModel13insertColumnsEiiRK11QModelIndex
_ZN18QAbstractItemModel13removeColumnsEiiRK11QModelIndex
_ZN18QAbstractItemModel13setHeaderDataEiN2Qt11OrientationERK8QVarianti
_ZN18QAbstractItemModel16staticMetaObjectE
_ZN18QAbstractItemModel4sortEiN2Qt9SortOrderE
_ZN18QAbstractItemModel6revertEv
_ZN18QAbstractItemModel6submitEv
_ZN18QAbstractItemModel7setDataERK11QModelIndexRK8QVarianti
_ZN18QAbstractItemModel9fetchMoreERK11QModelIndex
_ZN18QAbstractItemModelC2EP7QObject
_ZN18QAbstractItemModelD2Ev
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject13connectNotifyEPKc
_ZN7QObject16disconnectNotifyEPKc
_ZN7QObject5eventEP6QEvent
_ZN7QString11shared_nullE
_ZN7QString4freeEPNS_4DataE
_ZN7QString6appendERKS_
_ZN7QString6numberEii
_ZN7QString9fromAsciiEPKci
_ZN7QString9fromUtf16EPKti
_ZN7QStringaSERKS_
_ZN8QSysInfo14WindowsVersionE
_ZN8QVariantC1ERK7QString
_ZN8QVariantC1EiPKv
_ZNK18QAbstractItemModel10headerDataEiN2Qt11OrientationEi
_ZNK18QAbstractItemModel12canFetchMoreERK11QModelIndex
_ZNK18QAbstractItemModel20supportedDropActionsEv
_ZNK18QAbstractItemModel4spanERK11QModelIndex
_ZNK18QAbstractItemModel5buddyERK11QModelIndex
_ZNK18QAbstractItemModel5matchERK11QModelIndexiRK8QVarianti6QFlagsIN2Qt9MatchFlagEE
_ZNK18QAbstractItemModel8itemDataERK11QModelIndex
_ZNK18QAbstractItemModel8mimeDataERK5QListI11QModelIndexE
_ZNK18QAbstractItemModel9mimeTypesEv
_ZNK7QString11toLocal8BitEv

qtgui4

_ZN10QTableViewC1EP7QWidget
_ZN11QHeaderView10setMovableEb
_ZN11QHeaderView21setStretchLastSectionEb
_ZN12QApplication4execEv
_ZN12QApplicationC1ERiPPc
_ZN12QApplicationD1Ev
_ZN17QAbstractItemView16setSelectionModeENS_13SelectionModeE
_ZN17QAbstractItemView23setAlternatingRowColorsEb
_ZN19QItemSelectionModelC1EP18QAbstractItemModel
_ZN5QIconC1ERK7QPixmap
_ZN5QIconD1Ev
_ZN7QPixmapC1ERK7QStringPKc6QFlagsIN2Qt19ImageConversionFlagEE
_ZN7QPixmapD1Ev
_ZN7QWidget13setWindowIconERK5QIcon
_ZN7QWidget14setWindowTitleERK7QString
_ZN9QListView11setViewModeENS_8ViewModeE
_ZN9QListViewC1EP7QWidget
_ZN9QSplitter9addWidgetEP7QWidget
_ZN9QSplitterC1EP7QWidget
_ZN9QSplitterD1Ev
_ZN9QTreeView20setUniformRowHeightsEb
_ZN9QTreeViewC1EP7QWidget
_ZNK10QTableView14verticalHeaderEv
_ZNK10QTableView16horizontalHeaderEv
_ZNK9QTreeView6headerEv

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3dc1f6a79ccab850f867e6ed2836780e

Headers

File Characteristics

Imports

kernel32

mingwm10

msvcrt

qtcore4

qtgui4

Sections

.text Size: 27KB - Virtual size: 26KB

.data Size: 512B - Virtual size: 128B

.rdata Size: 10KB - Virtual size: 9KB

.bss Size: - Virtual size: 16KB

.idata Size: 6KB - Virtual size: 5KB

.text
Size: 27KB - Virtual size: 26KB

.data
Size: 512B - Virtual size: 128B

.rdata
Size: 10KB - Virtual size: 9KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 6KB - Virtual size: 5KB