NEAS[.]d6e48cebe9ef441387fe093a928d8770[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d6e48cebe9ef441387fe093a928d8770.exe
Size

3.9MB
MD5

d6e48cebe9ef441387fe093a928d8770
SHA1

52ca2294572a69e1434f9e7619ce2d1a38b56f9b
SHA256

e7a6d3a1dd037079643d3df8bc0bd552361fbe8f4ac0e017b721b2960169c165
SHA512

aa517204e2d1eff0801287d83db7de4595a3fc15904d4870167f17452c62a103d93505570600587d21f6f5afe9cc7e61901d97b1ebaa4e5a3fbb4e3a9e647997
SSDEEP

98304:b6hQX+leXZVdR+nW0MKdyjGOG4gVZM07EnmYZW7Z76FTmjN:b6h01ZVuWlqO/+qf096Fyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d6e48cebe9ef441387fe093a928d8770.exe

Files

NEAS.d6e48cebe9ef441387fe093a928d8770.exe
.exe windows:4 windows x86

c4f31d15a06c62518beeb8ac8b78d4aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance
CoUninitialize

kernel32

GetStartupInfoA
GetVersionExA
GetCurrentProcess
CloseHandle
CreateProcessA
WaitForSingleObject
OutputDebugStringA
GetProcAddress
FreeLibrary
Sleep
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetCommandLineA
DeleteFileA
FindResourceA
GetLastError
LoadResource
SizeofResource
LockResource
GetTempPathA
CreateFileA
WriteFile
LoadLibraryA
SetPriorityClass
SetEnvironmentVariableA
GetFileSize
GetFileType
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapSize
TerminateProcess
SetUnhandledExceptionFilter
SetStdHandle
GetStdHandle
SetHandleCount
HeapReAlloc
HeapFree
GetSystemInfo
FileTimeToSystemTime
SetFilePointer
GetVersion
GetModuleHandleA
ExitProcess
GetSystemTime
GetTimeZoneInformation
GetLocalTime
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
LCMapStringA
CompareStringA
GetCPInfo
MultiByteToWideChar
GetStringTypeA
WideCharToMultiByte
GetStringTypeW
InterlockedExchange
HeapAlloc
UnmapViewOfFile
CreateFileMappingA
ReadFile
MapViewOfFile

shell32

ShellExecuteA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

user32

InvalidateRect
DestroyWindow
IsDialogMessageA
DispatchMessageA
TranslateMessage
CreateDialogParamA
GetMessageA
SetFocus
GetDC
GetDesktopWindow
ReleaseDC
DefWindowProcA
GetSysColor
GetClientRect
PostMessageA
EndPaint
BeginPaint
CreateWindowExA
GetWindowLongA
SetWindowLongA
SetTimer
GetCursorPos
UpdateWindow
SystemParametersInfoA
PeekMessageA
KillTimer
UnregisterClassA
WaitForInputIdle
SetForegroundWindow
GetWindow
FindWindowA
GetForegroundWindow
wsprintfA
MessageBoxA
GetSystemMetrics
SetWindowTextA
GetWindowTextA
MoveWindow
SendMessageA
EnableWindow
PostQuitMessage
GetDlgItem
GetWindowRect
ScreenToClient
GetClassNameA
GetClassInfoA
LoadCursorA
RegisterClassA
ShowWindow
LoadBitmapA

gdi32

DeleteObject
GetTextExtentPoint32A
SetBkColor
SetTextColor
Rectangle
SelectObject
CreateFontIndirectA
GetObjectA
GetStockObject
CreateSolidBrush
BitBlt
SetBkMode
DeleteDC
CreateCompatibleDC
TextOutA

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

comctl32

ord17

Sections

.text
Size: 352KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4f31d15a06c62518beeb8ac8b78d4aa

Headers

File Characteristics

Imports

ole32

kernel32

shell32

advapi32

user32

gdi32

ddraw

comctl32

Sections

.text Size: 352KB - Virtual size: 350KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 24KB - Virtual size: 34KB

STLPORT_ Size: 4KB - Virtual size: 32B

.rsrc Size: 3.5MB - Virtual size: 3.5MB

.text
Size: 352KB - Virtual size: 350KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 24KB - Virtual size: 34KB

STLPORT_
Size: 4KB - Virtual size: 32B

.rsrc
Size: 3.5MB - Virtual size: 3.5MB