NEAS[.]62ba25d3b7f5b6995030ea7f151716c0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.62ba25d3b7f5b6995030ea7f151716c0.exe
Size

298KB
MD5

62ba25d3b7f5b6995030ea7f151716c0
SHA1

a6b76ff71f0f91e4c4fd83c6b6c675fba27496a6
SHA256

7987fde5f7134b666dd3e99f1bef479a2cf5323d459c2eb810d20c3bc3e70d27
SHA512

275e2631596ac0fcd4c4eec4585c4adbfb1cd40f61a826f652a885e76ac00ac4fd6bc430347ce7af6ee02d610b0dc2beaf7b2cd35e5621c28e69c356025ad559
SSDEEP

6144:QJYQeYevvi7fNhW/2YbDqnBMOD1LGU7kVdLNE:QVevvirNS2YbDqn7D1LGkkVLE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.62ba25d3b7f5b6995030ea7f151716c0.exe

Files

NEAS.62ba25d3b7f5b6995030ea7f151716c0.exe
.exe windows:5 windows x86

aa10b44e68404daa24acbcbcaecb19b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetNamedSecurityInfoW
AllocateAndInitializeSid
FreeSid
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
GetUserNameA
LookupAccountSidA
GetUserNameW
LsaClose
LsaFreeMemory
LsaQueryInformationPolicy
LsaOpenPolicy
GetSecurityDescriptorOwner
EqualSid
GetKernelObjectSecurity
GetAce
GetAclInformation
GetSecurityDescriptorControl
InitializeAcl
LookupAccountNameA
AddAce
MakeSelfRelativeSD
MakeAbsoluteSD
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetKernelObjectSecurity
LookupPrivilegeNameA
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
SetNamedSecurityInfoW
GetLengthSid
GetFileSecurityA
CopySid

user32

wsprintfA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
IsDialogMessageA
GetMessageA
LoadAcceleratorsA
MoveWindow
SetTimer
IsWindowVisible
SetCursorPos
GetCursorPos
SetCursor
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
InvalidateRect
SendMessageTimeoutA
CharToOemA
OemToCharA
GetDlgItem
GetDlgItemTextA
EndDialog
GetClientRect
GetParent
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindow
GetWindowDC
GetWindowRect
OffsetRect
EnableWindow
CreateDialogParamA
SetDlgItemTextA
GetWindowTextA
PeekMessageA
GetSystemMenu
SetWindowTextA
KillTimer
PostQuitMessage
DefWindowProcA
GetDC
ReleaseDC
RegisterWindowMessageA
GetWindowLongA
GetSystemMetrics
EnableScrollBar
SetScrollInfo
ScrollWindow
SetScrollPos
SendMessageA
BeginPaint
EndPaint
EnableMenuItem
MessageBoxA
SetFocus
DialogBoxParamA
DestroyWindow

kernel32

IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsProcessorFeaturePresent
DeleteCriticalSection
GetFileType
SetHandleCount
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetStdHandle
WriteFile
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapCreate
DecodePointer
ExitProcess
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetSystemTimeAsFileTime
SetEnvironmentVariableA
GetCommandLineA
GetExitCodeThread
Sleep
GetVersionExA
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
CloseHandle
CreateThread
FindClose
FindNextFileW
FindFirstFileW
LocalFree
GetLastError
MoveFileW
ResumeThread
SuspendThread
FreeLibrary
TlsAlloc
LoadLibraryA
GetSystemDirectoryA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentDirectoryW
GetCurrentDirectoryA
SetLastError
GetFullPathNameA
GetFullPathNameW
ReadFile
SetFilePointer
SearchPathA
CreateFileA
SetErrorMode
DeleteFileA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
HeapFree
HeapAlloc
GetProcessHeap
lstrlenA
GetTimeZoneInformation
GetComputerNameA
LocalAlloc
CreateDirectoryA
CreateDirectoryW
GetFileInformationByHandle
GetFileAttributesA
CreateFileW
GetFileAttributesW
FindNextFileA
FindFirstFileA
SetFileAttributesA
RemoveDirectoryA
GetLogicalDrives
GetShortPathNameA
GetShortPathNameW
GetComputerNameW
DeleteFileW
SetFileAttributesW
RemoveDirectoryW
FormatMessageA
LoadLibraryExA
GetCurrentProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
GetStringTypeW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LoadLibraryW
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
WriteConsoleW
SetEndOfFile
GetProcAddress
CompareStringW
HeapSetInformation
ReadConsoleInputA
SetConsoleMode
GetStartupInfoW

gdi32

SelectPalette
RealizePalette
BitBlt
GetObjectA
StretchDIBits
DeleteObject
CreateDIBSection
GetSystemPaletteEntries
CreatePalette
GetDeviceCaps
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
CreateICA
DeleteDC
SelectObject
GetTextMetricsA
SetBkColor
TextOutA
SetTextColor
GetStockObject
CreateCompatibleDC

comdlg32

GetSaveFileNameA
GetOpenFileNameA
PrintDlgA
FindTextA

ole32

CoUninitialize
CoInitializeEx
StringFromGUID2
CoCreateInstance

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
VariantInit
VariantClear
SysFreeString

activeds

ord9
ord3
ord15

credui

CredUIPromptForCredentialsW

mpr

WNetEnumResourceA
WNetCloseEnum
WNetGetConnectionA
WNetAddConnection2A
WNetCancelConnection2A
WNetUseConnectionA
WNetGetUniversalNameW
WNetGetUniversalNameA
WNetGetConnectionW
WNetOpenEnumA

ws2_32

WSAStartup
inet_ntoa
htonl
getservbyname
WSAGetLastError
gethostbyname
gethostbyaddr
WSACleanup
htons
inet_addr
WSASetLastError
ntohs
getservbyport

netapi32

NetWkstaGetInfo
DsGetDcNameA
NetGetDCName
NetWkstaUserGetInfo
NetServerGetInfo
NetDfsGetInfo
NetShareGetInfo
NetApiBufferFree

Sections

.text
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa10b44e68404daa24acbcbcaecb19b2

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

kernel32

gdi32

comdlg32

ole32

oleaut32

activeds

credui

mpr

ws2_32

netapi32

Sections

.text Size: 229KB - Virtual size: 228KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 12KB - Virtual size: 52KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 229KB - Virtual size: 228KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 12KB - Virtual size: 52KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 12KB - Virtual size: 11KB