NEAS[.]d8b779142d9b748535753a2899ea4030[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.d8b779142d9b748535753a2899ea4030.exe
Size

2.6MB
MD5

d8b779142d9b748535753a2899ea4030
SHA1

b0455deefc747966c78a12cab162d37573079b7e
SHA256

3c431e7e8bb1e5bcf7a55692a5a9d70e56036e38693b7c6c057ff217427d9ad4
SHA512

072f029bd970fe77a31c52b1486c52ef108de535af1f50ccb0059a74343bc24cddfe6f9833f18e0f58836284eb5c0f65f6473021b308cfeaec5aeb03010c090a
SSDEEP

49152:GFYOXmy1xGvtIz8PyF9sSm7auVRmqJ7PHWzztlO9ztVj46hx3OLSyZlz6koIYgLP:cmyGvc8PgG7auVRmu7PHWzztOzvHEPZ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d8b779142d9b748535753a2899ea4030.exe

Files

NEAS.d8b779142d9b748535753a2899ea4030.exe
.exe windows:5 windows x86

d4e0e2aaf41ae698adf05aa296c7824f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
RemoveMenu
InsertMenuA
AppendMenuA
GetMenuStringA
DeleteMenu
SetRectEmpty
SystemParametersInfoA
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
SetTimer
KillTimer
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DestroyIcon
CharUpperA
CharNextA
OffsetRect
CopyAcceleratorTableA
IsRectEmpty
SetRect
IntersectRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
InflateRect
GetMenuItemInfoA
DestroyMenu
CopyImage
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
CreatePopupMenu
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
LoadMenuW
GetSystemMenu
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
RegisterWindowMessageA
UnpackDDElParam
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
RegisterClipboardFormatA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
EmptyClipboard
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
LoadIconA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
CheckDlgButton
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
CopyRect
PtInRect
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
GetDlgItemTextA
SendDlgItemMessageA
ReuseDDElParam
BeginDeferWindowPos
SetClipboardData
CloseClipboard
GetSystemMetrics
LoadBitmapA
LoadIconW
EnableWindow
OpenClipboard
InvalidateRect
GetClientRect
IsIconic
DrawIcon
GetDlgItem
SetWindowsHookExA
SendMessageA

kernel32

QueryPerformanceCounter
GetStringTypeW
CompareStringW
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GlobalLock
GlobalAlloc
InterlockedExchange
FreeEnvironmentStringsW
GetStdHandle
IsValidCodePage
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
HeapQueryInformation
VirtualQuery
SizeofResource
LockResource
LoadResource
FindResourceW
FreeLibrary
GetProcAddress
GetModuleHandleW
lstrcmpA
SetLastError
DeactivateActCtx
GetLastError
LoadLibraryA
ActivateActCtx
CompareStringA
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetModuleFileNameA
GetCurrentThreadId
GlobalDeleteAtom
CloseHandle
SetThreadPriority
ResumeThread
WaitForSingleObject
lstrlenA
GetModuleHandleA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAddAtomA
GetCurrentProcessId
FreeResource
FindResourceA
GlobalFree
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
lstrcmpW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetSystemInfo
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
GlobalFindAtomA
RaiseException
CreateThread
ExitThread
ExitProcess
HeapFree
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
Sleep
GetProfileIntA
GetTickCount
GetNumberFormatA
GetWindowsDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesA
HeapCreate
SetHandleCount
GetCurrentThread
GetEnvironmentStringsW
GlobalGetAtomNameA
MulDiv
lstrlenW
LocalFree
FormatMessageA
GlobalSize
CopyFileA
GetCurrentDirectoryA
GetSystemDirectoryW
lstrcpyA
GlobalFlags
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
DeleteFileA
GetThreadLocale
lstrcmpiA
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
FileTimeToLocalFileTime
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetACP
GetCPInfo
GetOEMCP
SetErrorMode
GetTempFileNameA
GetTempPathA
FileTimeToSystemTime
GetFileAttributesExA
GlobalUnlock

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comctl32

ImageList_GetIconSize

shlwapi

PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA

oleaut32

VarBstrFromDate
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy

oledlg

ord8

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipBitmapLockBits
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipCloneImage

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundA

shell32

SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetFileInfoA
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

gdi32

EnumFontFamiliesA
GetTextMetricsA
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectA
CreateDIBitmap
CreateDCA
CopyMetaFileA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetDeviceCaps
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
GetTextCharsetInfo
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateBitmap
GetTextExtentPoint32A
GetBkColor
GetTextColor
GetRgnBox
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetPixelV

comdlg32

GetFileTitleA

ole32

CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateInstance
CoInitialize
CoUninitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4e0e2aaf41ae698adf05aa296c7824f

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

msimg32

winspool.drv

comctl32

shlwapi

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

shell32

advapi32

gdi32

comdlg32

ole32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 267KB - Virtual size: 267KB

.data Size: 24KB - Virtual size: 53KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 167KB - Virtual size: 166KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 267KB - Virtual size: 267KB

.data
Size: 24KB - Virtual size: 53KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 167KB - Virtual size: 166KB