NEAS[.]5d12eaf3e31fe8330b6b194a98b9c710[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5d12eaf3e31fe8330b6b194a98b9c710.exe
Size

294KB
MD5

5d12eaf3e31fe8330b6b194a98b9c710
SHA1

dd11c3d5eb20b76bf28969aa5013514445a7327b
SHA256

c4537db6bc5a5af877abd32a9f41e51e6d51ca7ed453bd2f50b40f054aee51e4
SHA512

e20bc0b4076e48a2cffcb845e3b62317c9de446cea31d662c8b0c2c7ed9a6d73e9a874b29ec4c5e7a08552e3a158658868afc035a59a81b6b0f4ee835721b706
SSDEEP

6144:+lwWHNKpOWJJyjaeQdUOptuIkXhVL5HQZZpHhYw:Qgyu7iO/JkRzQZjhv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.5d12eaf3e31fe8330b6b194a98b9c710.exe

Files

NEAS.5d12eaf3e31fe8330b6b194a98b9c710.exe
.dll regsvr32 windows:4 windows x86

71742d461e59aa81ea6b2a89d940cd36

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
IsDBCSLeadByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
LockResource
FindResourceExA
LocalFree
GetLocaleInfoA
GetVersionExA
lstrlenA
GetACP
LocalAlloc
GetThreadLocale
VirtualProtect
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleW
CloseHandle
lstrcmpiA
lstrlenW
GetModuleFileNameA
LoadLibraryW
GetLastError
WideCharToMultiByte
CreateProcessA
GetTempFileNameA
GetTempPathA
HeapFree
HeapAlloc
GetProcAddress
MultiByteToWideChar
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

user32

UnregisterClassA
CharNextA
LoadStringA

advapi32

RegQueryValueExW
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyExW

ole32

CoInitialize
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoUninitialize
CoCreateInstance
CoTaskMemFree
OleRun

oleaut32

VariantChangeType
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysAllocString
VariantClear
VariantInit
SysFreeString
CreateErrorInfo

mfc80

ord1209
ord1177
ord1175
ord1201
ord1120
ord1167
ord371
ord1098
ord764
ord1187
ord1185
ord1191
ord1084
ord266
ord578
ord304
ord876
ord6754
ord3683
ord566
ord3333
ord4261
ord4481
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2838
ord2714
ord4307
ord2835
ord2731
ord2537
ord5566
ord5213
ord5230
ord4568
ord3948
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801
ord6278
ord4014
ord4038
ord757
ord3830
ord1049
ord314
ord2248
ord1917
ord265
ord762
ord1031
ord3514
ord1208
ord1206
ord1092
ord1037
ord315
ord765
ord581

msvcr80

__CxxFrameHandler3
memset
_mbsnbcpy_s
memcpy_s
strcpy_s
wcsncpy_s
strcat_s
wcsrchr
memcpy
vswprintf_s
vsprintf_s
fclose
fwprintf_s
fopen_s
_except_handler4_common
?terminate@@YAXXZ
_unlock
_encode_pointer
__dllonexit
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_resetstkoflw
_recalloc
wcsncmp
_vsnwprintf
wcscpy_s
malloc
free
_CxxThrowException

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 225KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71742d461e59aa81ea6b2a89d940cd36

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

mfc80

msvcr80

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 225KB - Virtual size: 228KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 225KB - Virtual size: 228KB