NEAS[.]465f877f7837c77db022b201a65690c0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.465f877f7837c77db022b201a65690c0.exe
Size

940KB
MD5

465f877f7837c77db022b201a65690c0
SHA1

6f1ab35e7b5b64841903988f6625c8cf661b455c
SHA256

56766bbd5e66cf3e4ae7b16b2d83fde322a3d0883815430bd153f535ee8f8a0c
SHA512

2ffb437b2cd9d83cc34ab92aa5a74e48343ca4018c0dfd446d967bdc66c690f032d2499a14b674540c4a4146279973d0e7707901926adf4d060b7928679d9a36
SSDEEP

12288:Sdg/ZEdPh7nl4HI2P34Eim4Bbf2sUE34OUaVX0r8eU40Wwy5PK3/pUGaGYN:SdIIh7lR2P3/6BbfrUDbcu5PK3xYL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.465f877f7837c77db022b201a65690c0.exe

Files

NEAS.465f877f7837c77db022b201a65690c0.exe
.dll windows:4 windows x86

1c5c473239928954685193d94dcc066b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEnvironmentVariableA
CompareStringW
GetVersionExA
SetEndOfFile
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
FreeLibrary
SetConsoleCtrlHandler
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CompareStringA
lstrlenA
GetTickCount
GetUserDefaultLangID
Beep
GetLocaleInfoW
WriteConsoleA
InitializeCriticalSection
GetTimeFormatA
GetDateFormatA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpiA
MulDiv
CreateFileA
GetFileSize
ReadFile
CloseHandle
WideCharToMultiByte
GlobalLock
GlobalUnlock
GlobalAlloc
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
Sleep
HeapSize
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetTimeZoneInformation
FatalAppExitA
VirtualAlloc
HeapReAlloc
SetFilePointer
GetCPInfo
GetOEMCP
IsValidCodePage
GetLocalTime

user32

KillTimer
MoveWindow
SetFocus
GetCursorPos
CharNextA
GetSystemMetrics
ReleaseCapture
SetCursor
GetDC
SetCapture
PtInRect
LoadCursorA
DrawIconEx
EndPaint
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
EnumChildWindows
EnableWindow
GetDlgItem
SetWindowTextA
GetWindowTextA
GetWindowLongA
GetClassNameA
DefWindowProcA
RegisterClassA
CreateWindowExA
DestroyWindow
PostQuitMessage
SetWindowPos
ShowWindow
UpdateWindow
GetWindowRect
GetClientRect
GetParent
RedrawWindow
AdjustWindowRect
DialogBoxParamA
CreateDialogParamA
GetDesktopWindow
EndDialog
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextA
GetDlgItemTextA
DrawTextA
SetClipboardData
CloseClipboard
OpenClipboard
EmptyClipboard
GetSysColor
BeginPaint
ReleaseDC
LoadIconA
MessageBoxA
DestroyMenu
TrackPopupMenu
AppendMenuA
CreatePopupMenu
SetTimer
SendMessageA

gdi32

CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SetBkColor
SetBkMode
BitBlt
DeleteObject
GetNearestColor
SetTextColor
CreateFontA
CreatePen
GetStockObject
Ellipse
LineTo
MoveToEx
RoundRect
Rectangle
GetTextExtentPoint32A
TextOutA
SetTextAlign
GetDeviceCaps

winmm

PlaySoundA

Exports

Exports

?CreatePlugin@@YA_NPAUsPluginCreateInfo@@@Z

Sections

.text
Size: 308KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 560KB - Virtual size: 557KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c5c473239928954685193d94dcc066b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

Exports

Exports

Sections

.text Size: 308KB - Virtual size: 305KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 278KB

.rsrc Size: 560KB - Virtual size: 557KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 308KB - Virtual size: 305KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 278KB

.rsrc
Size: 560KB - Virtual size: 557KB

.reloc
Size: 16KB - Virtual size: 15KB