NEAS[.]f186f74c5fe0ddd5f2a5092cedf591e0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.f186f74c5fe0ddd5f2a5092cedf591e0.exe
Size

1.7MB
MD5

f186f74c5fe0ddd5f2a5092cedf591e0
SHA1

1b870f3ab7422ec20325cad7c944b2253736f43f
SHA256

555984397a623e860dceb12e30cd054486eefbf37af380b77558dba292cff6c0
SHA512

434185d5d592869cba21720f05bcfffed6f6204462084f99c3e4087bf65cc6f2b1f61060835db61dc1dbe8479680a6d6a000f76989b0adebfa2a787def51d924
SSDEEP

24576:7wkOOW1075df9dLAtkVBF2oc87ttmplk+gzsePhiniwVcqW:HWWdf9dLWkVD2T87tcplk+gzThyR7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f186f74c5fe0ddd5f2a5092cedf591e0.exe

Files

NEAS.f186f74c5fe0ddd5f2a5092cedf591e0.exe
.exe windows:4 windows x86

6a223ec52cb4d172dc1042a7034ce858

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
TryEnterCriticalSection
MoveFileW
FindFirstFileW
RemoveDirectoryW
DeleteFileW
FindNextFileW
GetModuleHandleW
CreateDirectoryW
SetFileAttributesW
GetFileAttributesW
SetLocalTime
GetLocalTime
ReadFile
CreateFileW
GetThreadPriority
GetTickCount
FindClose
OutputDebugStringW
CreateThread
SetThreadPriority
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapValidate
IsBadReadPtr
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
GetSystemTimeAsFileTime
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
WriteConsoleW
GetFileType
GetStdHandle
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetLastError
GetCurrentThread
FatalAppExitA
GetModuleFileNameA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
DebugBreak
WriteFile
OutputDebugStringA
WideCharToMultiByte
SetConsoleCtrlHandler
LoadLibraryW
GetTimeZoneInformation
QueryPerformanceCounter
GetCurrentProcessId
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
FlushFileBuffers
GetConsoleCP
GetConsoleMode
LoadLibraryA
FreeLibrary
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
SetFilePointer
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoW
lstrlenA
CloseHandle
CreateFileA
VirtualQuery
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile

user32

InvalidateRect
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
SetWindowPos
ShowWindow
UpdateWindow
RegisterClassW
BeginPaint
wsprintfW
EndPaint
PostQuitMessage
DefWindowProcW
SendMessageW

gdi32

TextOutW
GetStockObject

ole32

CoInitializeEx

ws2_32

ioctlsocket
closesocket
select
htons
getaddrinfo
connect
socket
WSAStartup
WSACleanup
recv
send
WSAGetLastError

Sections

.textbss
Size: - Virtual size: 672KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a223ec52cb4d172dc1042a7034ce858

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

ws2_32

Sections

.textbss Size: - Virtual size: 672KB

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 336KB - Virtual size: 335KB

.data Size: 8KB - Virtual size: 556KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 3KB

.textbss
Size: - Virtual size: 672KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 336KB - Virtual size: 335KB

.data
Size: 8KB - Virtual size: 556KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB