Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.61b2bd920c2197616bd9dda719091610.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: NEAS.61b2bd920c2197616bd9dda719091610.exe
  Resource: win10v2004-20231020-en
General
Target: NEAS.61b2bd920c2197616bd9dda719091610.exe
Size: 4.3MB
MD5: 61b2bd920c2197616bd9dda719091610
SHA1: a0efe2a29ffc74eb26e6fa238170ef51cf5265c0
SHA256: 51dc0ce46c42c422fbe61ce146c0a8909096a71b3e13771f6ace66ea9da1aaeb
SHA512: 6439171067243dff206a5de9eeac08fc67ad8c86b0d56378073375ac4a6402a61fb6d51f1fa482d8f85b761dc90695774002658b3e7cf972c2dd987bdaf02013
SSDEEP: 98304:dT5C+t0s+3Q9hABSQfPfAPyondy1mD8LPej+l3L6Q1YyL:dT59t0s+YhAfYgej+lbFB
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: NEAS.61b2bd920c2197616bd9dda719091610.exe
Files
NEAS.61b2bd920c2197616bd9dda719091610.exe.exe windows:6 windows x86
e166b72632366a36b95f56a67dbb6226
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: ReadConsoleW, GetConsoleMode, SetStdHandle, HeapQueryInformation, FreeLibraryAndExitThread, ExitThread, GetCommandLineW, GetCommandLineA, VirtualQuery, VirtualAlloc, GetSystemInfo, WriteConsoleW, GetFileType, GetStdHandle, GetDriveTypeW, SetFilePointerEx, GetModuleHandleExW, RtlUnwind, GetCPInfo, GetStringTypeW, GetDateFormatW, InitializeCriticalSectionEx, QueryPerformanceFrequency, GetConsoleOutputCP, GetTimeFormatW, LCMapStringW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetACP, GetOEMCP, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetStartupInfoW, IsDebuggerPresent, InitializeSListHead, GetSystemTimeAsFileTime, QueryPerformanceCounter, IsProcessorFeaturePresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, WaitForSingleObjectEx, ResetEvent, SearchPathW, GetProfileIntW, GetTempPathW, FindResourceExW, VerifyVersionInfoW, VerSetConditionMask, GetWindowsDirectoryW, GetTempFileNameW, SetErrorMode, SystemTimeToTzSpecificLocalTime, GetFileTime, GetFileSizeEx, GetFileAttributesExW, FileTimeToLocalFileTime, VirtualProtect, GetUserDefaultUILanguage, GetSystemDefaultUILanguage, GetLocaleInfoW, lstrcpyW, GlobalFlags, LocalReAlloc, LocalAlloc, GlobalHandle, GlobalReAlloc, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, InitializeCriticalSection, SetThreadPriority, CreateEventW, SetEvent, WritePrivateProfileStringW, GetPrivateProfileStringW, GetPrivateProfileIntW, lstrcmpA, GetVersionExW, GetCurrentThread, GlobalGetAtomNameW, GetThreadLocale, lstrcmpiW, DuplicateHandle, UnlockFile, SetEndOfFile, LockFile, GetVolumeInformationW, GetFullPathNameW, FlushFileBuffers, CompareStringW, GlobalFindAtomW, GlobalAddAtomW, lstrcmpW, GlobalDeleteAtom, LoadLibraryA, LoadLibraryExW, FreeLibrary, GetCurrentThreadId, EncodePointer, LoadLibraryW, GetModuleHandleA, SetLastError, FormatMessageW, MulDiv, LocalFree, CreateDirectoryA, RemoveDirectoryA, OutputDebugStringA, FindNextFileA, FindFirstFileA, SetFilePointer, CreateFileA, SetFileAttributesA, GetFileAttributesA, lstrlenA, ExitProcess, GlobalFree, ResumeThread, GlobalLock, GlobalUnlock, GlobalSize, GlobalAlloc, GetProcessHeap, DecodePointer, HeapAlloc, HeapReAlloc, HeapSize, HeapFree, FileTimeToSystemTime, SystemTimeToFileTime, GetLocalTime, GetSystemDirectoryW, TerminateProcess, GetExitCodeProcess, OpenProcess, Process32NextW, Process32FirstW, GetCurrentProcessId, CreateToolhelp32Snapshot, SetFileAttributesW, SetCurrentDirectoryA, GetCurrentDirectoryA, DeleteFileA, GetTickCount, WriteFile, MoveFileW, WaitForSingleObject, TerminateThread, CreateThread, FindResourceW, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, ReadFile, GetFileSize, CreateFileW, GetModuleFileNameA, GetCurrentDirectoryW, GlobalMemoryStatusEx, GetProcAddress, GetCurrentProcess, CreateDirectoryW, GetFileAttributesW, FindClose, FindNextFileW, FindFirstFileW, WinExec, CreateMutexA, OpenMutexA, CloseHandle, RaiseException, OutputDebugStringW, GetLastError, WideCharToMultiByte, GetModuleFileNameW, GetModuleHandleW, CopyFileW, Sleep, DeleteFileW, MultiByteToWideChar, LoadResource, LockResource, SizeofResource, SetEnvironmentVariableW
user32: UnpackDDElParam, DestroyIcon, IntersectRect, InsertMenuItemW, DestroyMenu, CreatePopupMenu, TranslateAcceleratorW, LoadAcceleratorsW, BringWindowToTop, MapVirtualKeyW, GetKeyNameTextW, CharUpperW, SetMenuItemInfoW, GetMenuCheckMarkDimensions, SetMenuItemBitmaps, EnableMenuItem, CheckMenuItem, IsDialogMessageW, CheckDlgButton, MoveWindow, GetMonitorInfoW, MonitorFromWindow, WinHelpW, GetScrollInfo, SetScrollInfo, CallNextHookEx, UnhookWindowsHookEx, SetWindowsHookExW, GetWindow, GetTopWindow, GetClassNameW, GetClassLongW, CopyRect, MapWindowPoints, AdjustWindowRectEx, GetWindowTextLengthW, RemovePropW, GetPropW, SetPropW, ShowScrollBar, GetScrollRange, SetScrollRange, GetScrollPos, SetScrollPos, ScrollWindow, ValidateRect, GetForegroundWindow, MessageBeep, GetMenuDefaultItem, DrawIconEx, EnableScrollBar, GetCursorPos, GetWindowRect, PtInRect, SetCursor, UpdateWindow, TrackPopupMenu, SetMenu, GetMenu, GetKeyState, GetFocus, GetDlgCtrlID, EndDeferWindowPos, DeferWindowPos, BeginDeferWindowPos, SetWindowPlacement, GetWindowPlacement, SetWindowPos, IsChild, IsMenu, GetClassInfoExW, GetClassInfoW, HideCaret, GetMessagePos, PeekMessageW, DispatchMessageW, IsRectEmpty, SetRectEmpty, SystemParametersInfoW, PostQuitMessage, SetWindowContextHelpId, MapDialogRect, GetMessageW, TranslateMessage, ShowOwnedPopups, IsZoomed, InflateRect, GetSysColorBrush, RealChildWindowFromPoint, GetMenuItemInfoW, TrackMouseEvent, CopyImage, SendDlgItemMessageA, LoadMenuW, FillRect, ScreenToClient, EndPaint, UnionRect, WaitMessage, GetSystemMenu, DeleteMenu, SetParent, CharNextW, CopyAcceleratorTableW, InvalidateRgn, ReuseDDElParam, LoadCursorW, SendMessageW, GetDC, ReleaseDC, SetForegroundWindow, SetActiveWindow, SetWindowRgn, InvalidateRect, EnableWindow, SetRect, SetTimer, KillTimer, GetAsyncKeyState, LoadIconW, GetWindowLongW, SetWindowLongW, LoadImageW, IsIconic, GetSystemMetrics, GetClientRect, DrawIcon, RedrawWindow, SetCapture, ReleaseCapture, IsWindowVisible, GetParent, wsprintfW, PostMessageW, GetSysColor, DestroyWindow, RegisterClassW, CreateWindowExW, ShowWindow, GetWindowTextW, SetWindowTextW, CallWindowProcW, SetFocus, DefWindowProcW, IsWindow, EqualRect, GetCapture, WindowFromPoint, DrawEdge, OffsetRect, DrawFocusRect, LoadBitmapW, ClientToScreen, GetNextDlgGroupItem, UnregisterClassW, DrawTextW, GetIconInfo, GetMenuStringW, GetMenuState, GetSubMenu, GetMenuItemID, GetMenuItemCount, InsertMenuW, AppendMenuW, RemoveMenu, CreateDialogIndirectParamW, EndDialog, GetDlgItem, GetNextDlgTabItem, GetActiveWindow, IsWindowEnabled, GetDesktopWindow, MessageBoxW, GetWindowThreadProcessId, GetLastActivePopup, DrawTextExW, GrayStringW, TabbedTextOutW, GetWindowDC, BeginPaint, InvertRect, NotifyWinEvent, SetLayeredWindowAttributes, EnumDisplayMonitors, RegisterWindowMessageW, OpenClipboard, CloseClipboard, SetClipboardData, EmptyClipboard, DrawStateW, SetClassLongW, DrawFrameControl, SetCursorPos, CopyIcon, FrameRect, LockWindowUpdate, RegisterClipboardFormatW, UpdateLayeredWindow, MonitorFromPoint, GetComboBoxInfo, PostThreadMessageW, GetKeyboardLayout, IsCharLowerW, MapVirtualKeyExW, ToUnicodeEx, GetKeyboardState, CreateAcceleratorTableW, DestroyAcceleratorTable, SetMenuDefaultItem, GetDoubleClickTime, ModifyMenuW, CharUpperBuffW, IsClipboardFormatAvailable, GetUpdateRect, DrawMenuBar, DefFrameProcW, DefMDIChildProcW, TranslateMDISysAccel, SubtractRect, CreateMenu, GetWindowRgn, DestroyCursor, GetMessageTime
gdi32: GetClipBox, PatBlt, RectVisible, RestoreDC, RealizePalette, SaveDC, ExtSelectClipRgn, SetBkMode, SetDIBitsToDevice, StretchDIBits, SetStretchBltMode, SetTextColor, CreateDIBSection, CreatePalette, SelectPalette, DeleteEnhMetaFile, GetEnhMetaFileHeader, GetEnhMetaFilePaletteEntries, PlayEnhMetaFile, SetEnhMetaFileBits, SetWinMetaFileBits, ExtTextOutW, CopyMetaFileW, CreateDCW, CreateHatchBrush, CreatePen, CreatePatternBrush, Escape, ExcludeClipRect, GetObjectType, GetViewportExtEx, GetWindowExtEx, IntersectClipRect, LineTo, PtVisible, SetMapMode, SetLayout, GetLayout, SetPolyFillMode, SetROP2, SetTextAlign, CreateRectRgnIndirect, TextOutW, SetViewportExtEx, SetViewportOrgEx, SetWindowExtEx, SetWindowOrgEx, OffsetViewportOrgEx, OffsetWindowOrgEx, ScaleViewportExtEx, ScaleWindowExtEx, CreateEllipticRgn, Ellipse, DPtoLP, LPtoDP, GetTextMetricsW, GetMapMode, SetRectRgn, GetBkColor, GetTextColor, GetRgnBox, GetNearestPaletteIndex, GetPaletteEntries, GetSystemPaletteEntries, EnumFontFamiliesW, GetTextCharsetInfo, SetDIBColorTable, CreatePolygonRgn, Polygon, Polyline, CreateRoundRectRgn, EnumFontFamiliesExW, Rectangle, OffsetRgn, RoundRect, FillRgn, FrameRgn, GetBoundsRect, PtInRegion, ExtFloodFill, SetPaletteEntries, SetPixelV, GetWindowOrgEx, GetViewportOrgEx, GetTextFaceW, CreateBitmap, CombineRgn, CreateRectRgn, SelectClipRgn, GetTextExtentPoint32W, DeleteObject, CreateDIBitmap, RemoveFontMemResourceEx, AddFontMemResourceEx, CreateFontIndirectW, GetObjectW, CreateCompatibleDC, SelectObject, GetStockObject, BitBlt, CreateICW, GetDIBits, DeleteDC, ExtCreateRegion, CreateSolidBrush, CreateBitmapIndirect, CreateCompatibleBitmap, StretchBlt, SetPixel, GetPixel, GetBitmapBits, MoveToEx, SetBkColor, GetDeviceCaps
msimg32: TransparentBlt, AlphaBlend
winspool.drv: OpenPrinterW, ClosePrinter, DocumentPropertiesW
advapi32: RegCreateKeyExW, GetTokenInformation, RegEnumKeyExW, RegEnumValueW, RegQueryValueW, RegEnumKeyW, RegSetValueExW, RegDeleteValueW, RegDeleteKeyW, OpenProcessToken, RegQueryValueExW, RegOpenKeyExW, RegCloseKey
shell32: SHGetSpecialFolderPathW, SHGetFileInfoW, DragQueryFileW, DragFinish, SHGetPathFromIDListW, SHGetSpecialFolderLocation, SHAppBarMessage, SHBrowseForFolderW, SHGetDesktopFolder, ShellExecuteW
comctl32: ImageList_AddMasked, ImageList_Draw, _TrackMouseEvent, InitCommonControlsEx
shlwapi: PathFindExtensionW, StrStrW, StrFormatKBSizeW, PathRemoveFileSpecW, PathFindFileNameW, PathStripToRootW, PathIsUNCW
uxtheme: CloseThemeData, DrawThemeText, DrawThemeBackground, IsThemeBackgroundPartiallyTransparent, DrawThemeParentBackground, OpenThemeData, GetThemeSysColor, GetThemePartSize, IsAppThemed, GetThemeColor, GetCurrentThemeName, GetWindowTheme
ole32: StgCreateDocfileOnILockBytes, IsAccelerator, OleTranslateAccelerator, OleDestroyMenuDescriptor, OleCreateMenuDescriptor, CoRegisterMessageFilter, CoRevokeClassObject, RevokeDragDrop, RegisterDragDrop, CoLockObjectExternal, OleGetClipboard, DoDragDrop, OleIsCurrentClipboard, OleFlushClipboard, CoInitializeEx, OleUninitialize, OleInitialize, CoFreeUnusedLibraries, CreateILockBytesOnHGlobal, StgOpenStorageOnILockBytes, CoGetClassObject, CoDisconnectObject, CLSIDFromProgID, CoCreateGuid, CLSIDFromString, OleDraw, CreateStreamOnHGlobal, ReleaseStgMedium, OleDuplicateData, CoTaskMemFree, CoTaskMemAlloc, CoUninitialize, CoCreateInstance, CoInitialize, OleLockRunning
oleaut32: SafeArrayGetLBound, SafeArrayGetUBound, SafeArrayGetElemsize, SafeArrayGetDim, SafeArrayDestroy, SafeArrayCreate, VariantTimeToSystemTime, SystemTimeToVariantTime, SysAllocString, VariantChangeType, VariantInit, VariantClear, VariantCopy, SysFreeString, VarBstrFromDate, LoadTypeLi, OleCreateFontIndirect, SafeArrayAccessData, SafeArrayUnaccessData, SysStringLen, SysAllocStringLen
oledlg: OleUIBusyW
winmm: PlaySoundW, timeGetTime
wininet: DeleteUrlCacheEntryW, InternetOpenW, InternetOpenUrlW, InternetCloseHandle, HttpQueryInfoW, InternetQueryDataAvailable, InternetReadFile
version: GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW
d3d9: Direct3DCreate9
ws2_32: ntohl, ntohs, htonl, htons
gdiplus: GdipCloneImage, GdipDisposeImage, GdipGetImageGraphicsContext, GdipGetImageWidth, GdipGetImageHeight, GdipGetImagePixelFormat, GdipGetImagePalette, GdipGetImagePaletteSize, GdipCreateBitmapFromStream, GdipFree, GdipCreateBitmapFromScan0, GdipBitmapLockBits, GdipBitmapUnlockBits, GdipDeleteGraphics, GdipDrawImageI, GdipCreateBitmapFromHBITMAP, GdipCreateFromHDC, GdipSetInterpolationMode, GdipDrawImageRectI, GdiplusStartup, GdipAlloc, GdiplusShutdown
oleacc: AccessibleObjectFromWindow, LresultFromObject, CreateStdAccessibleObject
imm32: ImmReleaseContext, ImmGetOpenStatus, ImmGetContext
Sections
.text   Size: 2.7MB - Virtual size: 2.7MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 602KB - Virtual size: 601KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 49KB - Virtual size: 181KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 884KB - Virtual size: 883KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 171KB - Virtual size: 170KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ