Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.50388b2ba0d64c4c15dd28efd09b57d0.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: NEAS.50388b2ba0d64c4c15dd28efd09b57d0.exe
  Resource: win10v2004-20231020-en
General
Target: NEAS.50388b2ba0d64c4c15dd28efd09b57d0.exe
Size: 1.4MB
MD5: 50388b2ba0d64c4c15dd28efd09b57d0
SHA1: 7496f70b6e857f7250beacae67b9db88372cce0f
SHA256: b77815c27fc43231006343d3c30a396ca991b11b79080c7b99be2e17423822d9
SHA512: 56100343e106612ad49015c43e28b733006fe255a050d286323eb6b84d124606a6a0c0367bee52e5af2c4bdc8a5796fdb11157bc44705ef3fc46e89e3e98c79e
SSDEEP: 24576:CZkiBu2sha5aNQ4RVm2VKhRFlf03KhhjRjac3r3pAVvmq+nvSlEh:/32sha5qQawyKhtuKh9Rjac7/nvSC
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: NEAS.50388b2ba0d64c4c15dd28efd09b57d0.exe
Files
-
NEAS.50388b2ba0d64c4c15dd28efd09b57d0.exe.exe windows:4 windows x86
1214b0b74d6beee873ca838b3ce8d194
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
imagehlp
MapAndLoad
UnMapAndLoad
kernel32
SizeofResource
GetCPInfo
GetOEMCP
GetTickCount
RtlUnwind
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
GetExitCodeProcess
GetStartupInfoA
GetCommandLineA
CreateThread
ExitThread
RaiseException
GetACP
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
RemoveDirectoryA
GetProfileStringA
GetLastError
CreateDirectoryA
GetTempPathA
ResumeThread
CloseHandle
WriteProcessMemory
TerminateProcess
OpenProcess
CreateProcessA
GlobalFree
GlobalAlloc
LocalFree
FormatMessageA
GetSystemInfo
GetComputerNameA
GetVolumeInformationA
GetWindowsDirectoryA
Sleep
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalLock
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
WaitForSingleObject
SetEvent
SetThreadPriority
SuspendThread
CreateEventA
lstrlenW
GetFileAttributesA
GetFileSize
GetFileTime
lstrcpynA
FindClose
FindFirstFileA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
CreateFileA
SetFileAttributesA
LoadResource
FindResourceA
LockResource
GlobalUnlock
GetProcAddress
GetModuleHandleA
lstrcpyA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
GetVersion
FreeLibrary
LoadLibraryA
WritePrivateProfileStringA
SetLastError
MulDiv
DuplicateHandle
GetCurrentProcess
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
DeleteFileA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTempFileNameA
GetDiskFreeSpaceA
EnterCriticalSection
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
SetErrorMode
user32
LoadCursorA
GetSysColorBrush
CharNextA
SetWindowContextHelpId
MapDialogRect
DestroyIcon
WindowFromPoint
SetRect
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
InflateRect
GetDCEx
LockWindowUpdate
SetCapture
RegisterClipboardFormatA
SetParent
PostThreadMessageA
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
SetWindowPlacement
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
LoadStringA
IsDialogMessageA
BringWindowToTop
SendDlgItemMessageA
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindow
AdjustWindowRectEx
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
SetCursor
ShowOwnedPopups
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
UpdateWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
PostQuitMessage
LoadIconA
InvalidateRect
GetClientRect
IsIconic
PostMessageA
SendMessageA
DrawIcon
GetSystemMetrics
PeekMessageA
TranslateMessage
DispatchMessageA
EnableWindow
KillTimer
SetTimer
PtInRect
GetClassNameA
SetWindowTextA
WaitMessage
DrawMenuBar
GetMenu
ModifyMenuA
UnpackDDElParam
ReuseDDElParam
GetScrollPos
LoadMenuA
GetDesktopWindow
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
FindWindowA
DestroyMenu
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
MapWindowPoints
GetSysColor
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
LoadBitmapA
IsZoomed
ShowScrollBar
GetScrollRange
SetScrollRange
SetMenu
gdi32
CreateBitmap
CreateDIBitmap
GetTextExtentPointA
CreateCompatibleDC
BitBlt
CreateRectRgnIndirect
CombineRgn
SetRectRgn
PatBlt
GetMapMode
CreateFontIndirectA
GetBkColor
GetTextColor
GetTextMetricsA
DPtoLP
LPtoDP
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePatternBrush
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
CreateRectRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateSolidBrush
comdlg32
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
SetFileSecurityA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegSetValueA
RegCreateKeyA
GetFileSecurityA
RegCloseKey
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteA
ExtractIconA
comctl32
ord17
oledlg
ord8
ole32
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree
OleIsCurrentClipboard
olepro32
ord253
oleaut32
SysAllocString
VariantClear
SafeArrayDestroy
VariantInit
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysFreeString
VariantCopy
VariantChangeType
SysAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SafeArrayPutElement
wininet
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
wsock32
WSAGetLastError
WSASetLastError
WSACleanup
connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
gethostbyname
closesocket
htonl
htons
bind
ioctlsocket
accept
WSAStartup
Sections
.text Size: 276KB - Virtual size: 272KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ