NEAS[.]f28a4baa545feb2f93865cdca5b03fe0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.f28a4baa545feb2f93865cdca5b03fe0.exe
Size

176KB
MD5

f28a4baa545feb2f93865cdca5b03fe0
SHA1

97fa1fab50c054f1da620c81e08483ecb26dd8cf
SHA256

b0f39c5289364166e97e205be1bb5ae1eae14966c12ed2043175b51364c634c5
SHA512

d3437ec0fd5ad9422861386a04dfb04604eed0490a02eb4a0f130cae2ee7d28846f05eabb0936f3d38eb79172b3f88b7c0e0ab5b0fb2edaa5d3d370fc10018bf
SSDEEP

3072:zyUXgXXwp0z9b/Q8hE4Up9Jelbmo/PI1DPUK92Nl07d:vwc0zJ+R9gEo/P+DP4s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f28a4baa545feb2f93865cdca5b03fe0.exe

Files

NEAS.f28a4baa545feb2f93865cdca5b03fe0.exe
.exe windows:4 windows x86

800e2745bb1e372d900ad0cf543fccc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyname
getsockname
closesocket
shutdown
WSAStartup
WSACleanup
accept
select
__WSAFDIsSet
gethostname
WSAGetLastError
ntohs
recv
send
connect
htons
socket
bind
listen

kernel32

IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
GetVersion
CompareStringA
CompareStringW
CloseHandle
WriteFile
SetFilePointer
GetFileSize
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetCurrentProcessId
IsValidCodePage
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
Sleep
SetThreadLocale
ExitProcess
SetProcessWorkingSetSize
GetCurrentProcess
LeaveCriticalSection
EnterCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
WinExec
ReadFile
IsBadReadPtr
OpenMutexA
GetCurrentThreadId
GetModuleHandleA
SetHandleCount
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
TerminateProcess
IsBadWritePtr
VirtualFree
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
GetStartupInfoA
IsBadCodePtr
SetStdHandle
GetLocaleInfoW
SetEndOfFile
CreateMutexA
SetEnvironmentVariableA
FlushFileBuffers
UnhandledExceptionFilter
GetFileAttributesA
GetFileType
InterlockedDecrement
InterlockedIncrement
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
CreateDirectoryA
ExitThread
CreateThread
GetStdHandle

user32

RegisterWindowMessageA
PeekMessageA
MsgWaitForMultipleObjects
FindWindowA
SendMessageA
GetMessageA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
PostQuitMessage
DefWindowProcA
CreateWindowExA
LoadStringA

advapi32

SetSecurityDescriptorDacl
RegCreateKeyExA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
InitializeSecurityDescriptor

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.heb
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

800e2745bb1e372d900ad0cf543fccc7

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

ole32

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 20KB

.heb Size: - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 20KB

.heb
Size: - Virtual size: 4KB