NEAS[.]bbcb1205096c7727ae7a9c15ea725ff0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.bbcb1205096c7727ae7a9c15ea725ff0.exe
Size

152KB
MD5

bbcb1205096c7727ae7a9c15ea725ff0
SHA1

013a2db907ed6762abb197cc8ca67f6478e9fa86
SHA256

d5612e5c2839d50fe1e7254384f834f4a98df37c89afffd96c1dbb9e68c893a0
SHA512

887944ee59656f550fba6e1083fb76b8f66ed47df5e13ac3eda6cacb1129f4514977dcbedefddde7314811ff4e3fe972fcf9152cb19d3ac39241b7c694a0a707
SSDEEP

3072:eJfX5Og+PDZFHca3a0KdrhYQEVtoy/o/o1ejxUgC5SmBD:zFH93GdwgyINgBD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.bbcb1205096c7727ae7a9c15ea725ff0.exe

Files

NEAS.bbcb1205096c7727ae7a9c15ea725ff0.exe
.exe windows:4 windows x86

b70720571ed6a8577f63245918eff9be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindNextFileA
Sleep
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSection
HeapReAlloc
VirtualAlloc
FindFirstFileA
GetLocaleInfoA
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCurrentProcessId
GetTickCount
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleHandleA
CreateThread
WideCharToMultiByte
FreeEnvironmentStringsW
CloseHandle
WaitForSingleObject
GetCurrentDirectoryA
WritePrivateProfileStringA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapSize
GetLastError
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
RtlUnwind
RaiseException
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
QueryPerformanceCounter
GetPrivateProfileStringA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

DefWindowProcA
CreateWindowExA
UnregisterClassA
RegisterClassExA
SetDlgItemTextA
EndDialog
SendDlgItemMessageA
MoveWindow
SetWindowLongA
LoadImageA
SetWindowTextA
ShowWindow
EnableMenuItem
InvalidateRect
MessageBoxA
GetMenu
SendMessageA
GetWindowTextLengthA
GetClientRect
SetForegroundWindow
GetWindowLongA
DialogBoxParamA
DestroyIcon
KillTimer
PostQuitMessage
GetMessageA
DestroyAcceleratorTable
LoadMenuA
TranslateMessage
TranslateAcceleratorA
GetDesktopWindow
LoadAcceleratorsA
PostMessageA
DispatchMessageA
LoadCursorA
GetDlgItemInt
SetDlgItemInt
GetDlgItemTextA
DestroyWindow
SetTimer

gdi32

SetBkColor
DeleteObject
GetStockObject
CreateSolidBrush
SetTextColor

comdlg32

ChooseColorA

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

shell32

Shell_NotifyIconA
ShellExecuteA

ws2_32

htons
accept
listen
send
gethostbyname
closesocket
WSACreateEvent
socket
bind
recv
WSACleanup
setsockopt
WSAEventSelect
inet_addr
WSAEnumNetworkEvents
WSAGetLastError
htonl
WSAStartup
connect
ioctlsocket
WSACloseEvent
ntohs
inet_ntoa
gethostname

shlwapi

PathAppendA

comctl32

ord17

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b70720571ed6a8577f63245918eff9be

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ws2_32

shlwapi

comctl32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 36KB - Virtual size: 34KB