NEAS[.]d7643215eb82c69b221751d1d2cd6590[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.d7643215eb82c69b221751d1d2cd6590.exe
Size

389KB
MD5

d7643215eb82c69b221751d1d2cd6590
SHA1

d1b8046ba7cae74dde4b42aa951ad832b2128fb5
SHA256

9f59c64a5121a8d684f478367fbd8c319ab84c47ae6812ea6db09b11a045886d
SHA512

3972d87695cf21bfdb04de3aeff2014133af264bfbed1cfda8056df204bbf2ba1e2031739b334d0c5b22ce8910e7229eaf4d78f5b726f550ec4e99150baed80c
SSDEEP

3072:apjBFy11Aw6Zyhurk2ilx3hLvgiuRMoiFeYOlZvGgiKzZISqQ7:AhuhuIpRL5uO1FeYOlZvGgiKF17

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d7643215eb82c69b221751d1d2cd6590.exe

Files

NEAS.d7643215eb82c69b221751d1d2cd6590.exe
.exe windows:6 windows x86

679804aa004d229f87f8c88a69c84a0e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegCreateKeyW
RegEnumValueW
RegDeleteValueW
RegOpenKeyW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegRenameKey
GetSecurityDescriptorControl
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegSetKeySecurity
GetSecurityInfo
RegConnectRegistryW
RegRestoreKeyW
RegSaveKeyW
RegFlushKey
RegSetValueW
RegOpenKeyExW
RegUnLoadKeyW
RegLoadKeyW
MapGenericMask
GetNamedSecurityInfoW
SetSecurityDescriptorGroup
GetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetSecurityDescriptorOwner
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetNamedSecurityInfoW
SetSecurityInfo
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSidSubAuthority
GetSidSubAuthorityCount
LookupAccountSidW
GetInheritanceSourceW
InitializeAcl
IsValidSecurityDescriptor
RegSetValueExA
RegCloseKey

kernel32

LoadLibraryExA
InterlockedCompareExchange
GetProcAddress
DelayLoadFailureHook
MulDiv
LoadLibraryW
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
MultiByteToWideChar
GetFileSize
SetFilePointer
GetLastError
OutputDebugStringW
ReadFile
CreateFileW
RegOpenKeyExA
RegQueryValueExA
ExpandEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
Sleep
InterlockedExchange
lstrcmpW
GetCurrentProcess
CloseHandle
HeapSetInformation
GetThreadLocale
GetModuleHandleW
RegisterApplicationRestart
ExitProcess
WideCharToMultiByte
WriteFile
DeleteFileW
GetCommandLineW
GetLongPathNameW
GetProcessHeap
FormatMessageW
GetWindowsDirectoryW
lstrcmpiW
LocalFree
LocalAlloc
GetComputerNameW
lstrlenW
LocalReAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
SearchPathW
LoadLibraryA

gdi32

GetTextExtentPoint32W
SetAbortProc
StartDocW
StartPage
SetViewportOrgEx
EndPage
EndDoc
AbortDoc
DeleteDC
CreateBitmap
CreatePatternBrush
PatBlt
ExcludeClipRect
SelectClipRgn
DeleteObject
SetBkColor
SetTextColor
GetTextMetricsW
SelectObject
CreateFontIndirectW
GetDeviceCaps
ExtTextOutW
GetStockObject

user32

EnableWindow
DialogBoxParamW
DrawMenuBar
InsertMenuItemW
DeleteMenu
GetKeyState
GetMenu
GetMenuItemInfoW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsIconic
DestroyIcon
LoadImageW
GetSysColor
SetCursor
ShowCursor
ShowWindow
SetWindowPlacement
CreateWindowExW
GetProcessDefaultLayout
LoadStringW
GetMessageW
ScreenToClient
SetCursorPos
DispatchMessageW
ClientToScreen
GetDesktopWindow
LoadIconW
PostMessageW
SetMenuDefaultItem
InsertMenuW
GetMenuItemID
CheckMenuItem
UpdateWindow
RegisterClassExW
CheckDlgButton
DestroyWindow
CreateDialogParamW
DrawAnimatedRects
IntersectRect
GetClientRect
SetWindowTextW
GetMessagePos
CharNextW
TranslateMessage
TranslateAcceleratorW
LoadAcceleratorsW
SetForegroundWindow
GetLastActivePopup
BringWindowToTop
FindWindowW
GetWindow
IsDialogMessageW
PeekMessageW
CharUpperBuffW
CharUpperW
IsCharAlphaNumericW
SetWindowPos
MapWindowPoints
MoveWindow
GetSystemMetrics
GetWindowRect
GetDlgItem
SendDlgItemMessageW
SetDlgItemTextW
SetWindowLongW
DefWindowProcW
ReleaseDC
GetDC
SetScrollInfo
DestroyCaret
ReleaseCapture
KillTimer
SetCaretPos
ScrollWindowEx
InvalidateRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetWindowPlacement
PostQuitMessage
GetDlgItemInt
SetMenuItemInfoW
GetWindowTextLengthW
CallWindowProcW
IsDlgButtonChecked
GetDlgItemTextW
GetClipboardData
EndDialog
GetWindowLongW
GetParent
GetWindowTextW
SendMessageW
CheckRadioButton
RegisterClipboardFormatW
LoadCursorW
ModifyMenuW
RegisterClassW
SetCapture
SetTimer
BeginPaint
EndPaint
SetFocus
LoadMenuW
GetSubMenu
EnableMenuItem
IsClipboardFormatAvailable
TrackPopupMenuEx
DestroyMenu
HideCaret
MessageBeep
CharLowerW
CreateCaret
ShowCaret

msvcrt

_controlfp
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_vsnwprintf
memcpy
atoi
memset
iswctype
wcschr
wcsncmp
wcsrchr
_wcsnicmp
_resetstkoflw
iswprint
_purecall
__getmainargs
_cexit
_except_handler4_common
memmove

shlwapi

StrChrIW
StrChrW
StrRChrW
ord388
StrToIntW
StrStrIW
ord219

comctl32

ord338
ord334
ord337
ord340
InitCommonControlsEx
ord329
CreateStatusWindowW
ImageList_SetBkColor
ImageList_Create
ImageList_ReplaceIcon
ord236
ord2
ord4
ImageList_Destroy

comdlg32

GetSaveFileNameW
GetOpenFileNameW
PrintDlgExW

shell32

SHGetStockIconInfo
DragQueryFileW
DragFinish
ShellAboutW

authz

AuthzInitializeResourceManager
AuthzInitializeContextFromSid
AuthzAccessCheck
AuthzFreeContext
AuthzFreeResourceManager

aclui

ord2

ole32

CoCreateInstance
ReleaseStgMedium
CoInitializeEx
CoUninitialize

ulib

?NewBuf@DSTRING@@UAEEK@Z
??1OBJECT@@UAE@XZ
?Compare@OBJECT@@UBEJPBV1@@Z
??0OBJECT@@IAE@XZ
??0DSTRING@@QAE@XZ
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?Strcat@WSTRING@@QAEEPBV1@@Z
?Initialize@WSTRING@@QAEEPBGK@Z
??1DSTRING@@UAE@XZ
?SPrintfAppend@DSTRING@@UAAEPBGZZ
?Initialize@ARRAY@@QAEEKK@Z
??0ARRAY@@QAE@XZ
?Resize@DSTRING@@UAEEK@Z
?SPrintf@DSTRING@@UAAEPBGZZ

clb

ClbAddData
ClbSetColumnWidths

ntdll

RtlInitUnicodeString
RtlIoDecodeMemIoResource
RtlCmDecodeMemIoResource
RtlFreeUnicodeString
RtlCreateUnicodeString
RtlAllocateHeap
RtlFreeHeap

uxtheme

SetWindowTheme

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 258KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

679804aa004d229f87f8c88a69c84a0e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

shlwapi

comctl32

comdlg32

shell32

authz

aclui

ole32

ulib

clb

ntdll

uxtheme

Sections

.text Size: 109KB - Virtual size: 109KB

.data Size: 258KB - Virtual size: 260KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 109KB - Virtual size: 109KB

.data
Size: 258KB - Virtual size: 260KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 7KB - Virtual size: 6KB