NEAS[.]10ec6e5117719d3e35309875e5ba2960[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.10ec6e5117719d3e35309875e5ba2960.exe
Size

28KB
MD5

10ec6e5117719d3e35309875e5ba2960
SHA1

8a50d9f155ce88de59bbf354d126243a4fcbd396
SHA256

d9431fc02a66a2aac166d2815693f3473ed2ea3cd379a4e68106b06c9b654788
SHA512

14bd6f7ed43efe1e870604158bb9bdae33f38f2a93eb7d8414173caa387a728cadc1d018b0d47848df4c361cce8a848f4ea2391e7f390ee72b8ab5378ff426a2
SSDEEP

384:+eF2TewpInpix+9kAP26BJL7PwGMXCtDlNQpj1y2erwSn/J1YnwDOfyPVrzJBtBj:7AqnppCMoGzt5NiZ1GOfyd/JBt/B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.10ec6e5117719d3e35309875e5ba2960.exe

Files

NEAS.10ec6e5117719d3e35309875e5ba2960.exe
.dll windows:5 windows x86

b584d6b652230efbda29eea6092810db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

qt5gui

?setAlphaChannel@QImage@@QAEXABV1@@Z
?fromData@QImage@@SA?AV1@ABVQByteArray@@PBD@Z
??4QImage@@QAEAAV0@ABV0@@Z
?setColorTable@QImage@@QAEXV?$QVector@I@@@Z
?setPixel@QImage@@QAEXHHI@Z
??1QImageIOHandler@@UAE@XZ
?currentImageRect@QImageIOHandler@@UBE?AVQRect@@XZ
?currentImageNumber@QImageIOHandler@@UBEHXZ
?nextImageDelay@QImageIOHandler@@UBEHXZ
?loopCount@QImageIOHandler@@UBEHXZ
?setOption@QImageIOHandler@@UAEXW4ImageOption@1@ABVQVariant@@@Z
??0QImageIOHandler@@QAE@XZ
?isNull@QImage@@QBE_NXZ
?height@QImage@@QBEHXZ
?width@QImage@@QBEHXZ
??0QImage@@QAE@ABV0@@Z
?scaled@QImage@@QBE?AV1@ABVQSize@@W4AspectRatioMode@Qt@@W4TransformationMode@4@@Z
??4QImage@@QAEAAV0@$$QAV0@@Z
?save@QImage@@QBE_NPAVQIODevice@@PBDH@Z
?device@QImageIOHandler@@QBEPAVQIODevice@@XZ
?setFormat@QImageIOHandler@@QBEXABVQByteArray@@@Z
??0QImage@@QAE@XZ
??0QImage@@QAE@HHW4Format@0@@Z
?scanLine@QImage@@QAEPAEH@Z
??0QImage@@QAE@$$QAV0@@Z
??1QImage@@UAE@XZ
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
??1QImageIOPlugin@@UAE@XZ
??0QImageIOPlugin@@QAE@PAVQObject@@@Z
?qt_metacall@QImageIOPlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QImageIOPlugin@@UAEPAXPBD@Z
?setDevice@QImageIOHandler@@QAEXPAVQIODevice@@@Z
?setFormat@QImageIOHandler@@QAEXABVQByteArray@@@Z

qt5core

?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?isWritable@QIODevice@@QBE_NXZ
?isReadable@QIODevice@@QBE_NXZ
?isOpen@QIODevice@@QBE_NXZ
??1QByteArray@@QAE@XZ
?append@QByteArray@@QAEAAV1@ABV1@@Z
??0QByteArray@@QAE@ABV0@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?append@QByteArray@@QAEAAV1@D@Z
??5QDataStream@@QAEAAV0@AAH@Z
??6QDataStream@@QAEAAV0@H@Z
?shared_null@QArrayData@@2QBU1@B
?deallocate@QArrayData@@SAXPAU1@II@Z
?allocate@QArrayData@@SAPAU1@IIIV?$QFlags@W4AllocationOption@QArrayData@@@@@Z
??0QByteArray@@QAE@PBDH@Z
??5QDataStream@@QAEAAV0@AAC@Z
?warning@QMessageLogger@@QBAXPBDZZ
??0QMessageLogger@@QAE@PBDH0@Z
?atEnd@QDataStream@@QBE_NXZ
?skipRawData@QDataStream@@QAEHH@Z
?peek@QIODevice@@QAE?AVQByteArray@@_J@Z
?number@QByteArray@@SA?AV1@HH@Z
??0QByteArray@@QAE@$$QAV0@@Z
?startsWith@QByteArray@@QBE_NABV1@@Z
?toUInt@QString@@QBEIPA_NH@Z
?at@QString@@QBE?BVQChar@@H@Z
?captured@QRegularExpressionMatch@@QBE?AVQString@@ABV2@@Z
??1QRegularExpression@@QAE@XZ
??1QRegularExpressionMatch@@QAE@XZ
??1QString@@QAE@XZ
?toLocal8Bit@QString@@QBE?AVQByteArray@@XZ
??0QString@@QAE@ABV0@@Z
?hasMatch@QRegularExpressionMatch@@QBE_NXZ
?match@QRegularExpression@@QBE?AVQRegularExpressionMatch@@ABVQString@@HW4MatchType@1@V?$QFlags@W4MatchOption@QRegularExpression@@@@@Z
??0QRegularExpression@@QAE@ABVQString@@V?$QFlags@W4PatternOption@QRegularExpression@@@@@Z
?fromLatin1@QString@@SA?AV1@ABVQByteArray@@@Z
??1QBuffer@@UAE@XZ
??1QDataStream@@QAE@XZ
?status@QDataStream@@QBE?AW4Status@1@XZ
?writeRawData@QDataStream@@QAEHPBDH@Z
??0QDataStream@@QAE@PAVQIODevice@@@Z
?close@QBuffer@@UAEXXZ
?open@QBuffer@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QBuffer@@QAE@PAVQByteArray@@PAVQObject@@@Z
??0QByteArray@@QAE@XZ
?number@QByteArray@@SA?AV1@_JH@Z
?setByteOrder@QDataStream@@QAEXW4ByteOrder@1@@Z
?read@QIODevice@@QAE?AVQByteArray@@_J@Z
??0QVariant@@QAE@XZ
??0QVariant@@QAE@ABVQByteArray@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?constData@QByteArray@@QBEPBDXZ
?append@QByteArray@@QAEAAV1@PBD@Z

msvcr100

_crt_debugger_hook
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_onexit
_lock
__dllonexit
memcpy
memset
_CIsqrt
??2@YAPAXI@Z
??3@YAXPAX@Z
_unlock

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsProcessorFeaturePresent
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b584d6b652230efbda29eea6092810db

Headers

DLL Characteristics

File Characteristics

Imports

qt5gui

qt5core

msvcr100

kernel32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 2KB

.qtmetad Size: 512B - Virtual size: 296B

.rsrc Size: 1024B - Virtual size: 824B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 2KB

.qtmetad
Size: 512B - Virtual size: 296B

.rsrc
Size: 1024B - Virtual size: 824B

.reloc
Size: 2KB - Virtual size: 1KB