NEAS[.]776b80632ae9e94b8fb46b2eac9542b0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.776b80632ae9e94b8fb46b2eac9542b0.exe
Size

1.0MB
MD5

776b80632ae9e94b8fb46b2eac9542b0
SHA1

d3be4e6fdcb14e80415479f8e57056bc47461b8b
SHA256

44e356c8363358ad046449a83b4ffc5326e1773a1a876c7109c35ad48839ae6c
SHA512

872aa3d4800da1ccaa870c0e6437639abf52a47c388abdc6fe31d9a197a557cceed506089c6f3cf7856fa64c3c30c7a51b8989666d22e3a3797b43ab08b05169
SSDEEP

24576:alTAAmWapnHfFPZJwRlml2FusE+8dd2KNW7QwCyFV5GGuSBysLYE+4Euv:aJAAmJKOhNddhlyIhq9LYE+4Eq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.776b80632ae9e94b8fb46b2eac9542b0.exe

Files

NEAS.776b80632ae9e94b8fb46b2eac9542b0.exe
.exe windows:4 windows x86

13fb7a21a71872bb01b271dc48f095de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
LoadLibraryA
GetStdHandle
CloseHandle
FormatMessageA
GetLastError
IsDebuggerPresent
GetModuleHandleA
WriteFile
GetProcAddress
CreateFileA
SetFilePointer
FreeLibrary
InterlockedExchange
Sleep
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
SetLastError
WaitForSingleObject
GetFileType
VirtualAlloc
VirtualFree
ReleaseMutex
CreateMutexA
GetCurrentThreadId
SetEndOfFile
SetConsoleCtrlHandler
GetACP
GetCommandLineA
SetErrorMode
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
TerminateThread
SetEvent
ExitThread
CreateEventA
CreateThread
GetFileInformationByHandle
GetFullPathNameA
GetTempFileNameA
GetTempPathA
ReadFile
CreateProcessA
SetThreadPriority
GetVersionExA
DeleteFileA
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
IsBadReadPtr
GetHandleInformation
UnmapViewOfFile
FlushFileBuffers
HeapFree
HeapAlloc
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ResumeThread
HeapValidate
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetStdHandle
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
GetCurrentThread
HeapDestroy
HeapCreate
FatalAppExitA
TerminateProcess
GetCurrentProcess
GetModuleFileNameW
RtlUnwind
GetOEMCP
GetCPInfo
IsValidCodePage
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DebugBreak
OutputDebugStringA
OutputDebugStringW
LoadLibraryW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
RaiseException
lstrlenA
GetTimeZoneInformation
VirtualQuery

imagehlp

SymCleanup
StackWalk
SymInitialize

Sections

.text
Size: 840KB - Virtual size: 839KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 208B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 506KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13fb7a21a71872bb01b271dc48f095de

Headers

File Characteristics

Imports

kernel32

imagehlp

Sections

.text Size: 840KB - Virtual size: 839KB

.text1 Size: 4KB - Virtual size: 208B

.rdata Size: 156KB - Virtual size: 153KB

.data Size: 28KB - Virtual size: 506KB

.trace Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 840KB - Virtual size: 839KB

.text1
Size: 4KB - Virtual size: 208B

.rdata
Size: 156KB - Virtual size: 153KB

.data
Size: 28KB - Virtual size: 506KB

.trace
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 176B