Static task: static1
Behavioral task: behavioral1
Sample: NEAS.9e419a56a106c8ba4c646c45f75fb0c0.exe
Resource: win7-20231020-en

General
  Target:  NEAS.9e419a56a106c8ba4c646c45f75fb0c0.exe
  Size:    2.0MB
  MD5:     9e419a56a106c8ba4c646c45f75fb0c0
  SHA1:    22d747346206d7e1472c854d7127f7c719b0eaa9
  SHA256:  9845f5e35ec9101a3ea6ef761f9706fec20fe4dc8470bca3a7e792159d52c1fd
  SHA512:  975006373e043f7e208ded3aefad73beb71254bb201aac5f9ce617e51c4ff89e332c044a262545cac90be12162c1744fbd03f6fc1c3a5183d2b2a81c3c3a87c3
  SSDEEP:  24576:FoP6EpydiiHjDwRejnW21NMjw2htUsnRa4I0:/OXRejnW21NMjlht/E4I

Malware Config
Signatures
  Unsigned PE (1 IoC)
    Checks for a missing Authenticode signature.
    resource: NEAS.9e419a56a106c8ba4c646c45f75fb0c0.exe
    This establishes only that the file carries no certificate table. Many legitimate binaries are unsigned as well, so treat it as context for the header and section-table findings below rather than as evidence on its own.
Files
  NEAS.9e419a56a106c8ba4c646c45f75fb0c0.exe (exe; windows:4 windows x86)
  Import hash: ee6cd84a0235215edb32ad29fc54be8c
Headers
  File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
  IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations: the loader cannot rebase it, so it is always mapped at its preferred ImageBase and ASLR does not apply to it.
Imports
  Most of the user32, gdi32, comdlg32, ole32 and oleaut32 entries, together with the oledlg and comctl32 ordinal imports and the absence of any msvcrt or mfc DLL, are the normal surface of an MFC GUI application with a statically linked runtime. The imports worth attention for triage are the cross-process memory APIs (OpenProcess, ReadProcessMemory, WriteProcessMemory, VirtualProtectEx, VirtualQueryEx), process launch (WinExec, ShellExecuteA), message hooking (SetWindowsHookExA, CallNextHookEx), file manipulation (CopyFileA, MoveFileA, DeleteFileA, SetFileAttributesA, SetFileTime, CreateFileMappingA, MapViewOfFile), registry writes (RegCreateKeyExA, RegSetValueExA, RegDeleteValueA) and the imagehlp routines ImageNtHeader, ImageRvaToVa and CheckSumMappedFile, which let a program walk and re-checksum other executables it has mapped. An import table shows capability, not behaviour; confirm what is actually called against the behavioral task.
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
kernel32
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameW
InterlockedDecrement
VirtualProtect
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetAtomNameA
GlobalFlags
SetErrorMode
GetCPInfo
GetOEMCP
GetTempFileNameA
GetDiskFreeSpaceA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
HeapReAlloc
GetSystemInfo
VirtualQuery
GetTimeFormatA
GetDateFormatA
GetPrivateProfileIntA
ExitProcess
GetSystemTimeAsFileTime
GetProcessHeap
GetStartupInfoA
ExitThread
CreateThread
SetStdHandle
GetFileType
GetACP
IsValidCodePage
FatalAppExitA
HeapDestroy
HeapCreate
GetStdHandle
Sleep
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
SetConsoleCtrlHandler
SetHandleCount
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
GetLocaleInfoA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
GetFileAttributesA
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindClose
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
MoveFileA
GetCurrentProcessId
GlobalSize
MulDiv
EnumResourceTypesA
EnumResourceNamesA
FindResourceExA
IsBadStringPtrA
ReadFile
SetEndOfFile
SetFilePointer
lstrcmpA
IsBadWritePtr
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentDirectoryA
GetUserDefaultLangID
VirtualAlloc
VirtualFree
VirtualQueryEx
VirtualProtectEx
WriteProcessMemory
EnumResourceLanguagesA
CopyFileA
TerminateProcess
WaitForSingleObject
ReadProcessMemory
OpenProcess
GetTickCount
DeleteFileA
GlobalFree
SetLastError
GetWindowsDirectoryA
lstrcatA
WinExec
lstrcpyA
GlobalLock
GlobalUnlock
SetFileApisToANSI
GetCommandLineA
GetFileTime
LoadLibraryExA
FindFirstFileA
LoadLibraryA
FreeLibrary
FindNextFileA
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GlobalAlloc
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
MultiByteToWideChar
InterlockedExchange
lstrcpynA
GetLastError
FormatMessageA
LocalFree
GetModuleFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
CloseHandle
IsBadReadPtr
WriteFile
HeapSize
user32
SetWindowTextA
ScrollWindowEx
CreateDialogIndirectParamA
GetActiveWindow
PostQuitMessage
ValidateRect
TranslateMessage
ShowOwnedPopups
GetKeyNameTextA
MapVirtualKeyA
MapDialogRect
SetWindowContextHelpId
GetMenuItemInfoA
DestroyMenu
TranslateAcceleratorA
SetMenu
BringWindowToTop
SetRectEmpty
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetSysColorBrush
GetDialogBaseUnits
WaitMessage
UnregisterClassA
CharNextA
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageA
SetParent
GetDCEx
LockWindowUpdate
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
GetMenuState
GetMenuStringA
DialogBoxParamA
GetWindowTextA
GetDlgItem
TrackPopupMenuEx
GetAsyncKeyState
DrawIconEx
DestroyWindow
DestroyIcon
CreateIconFromResourceEx
EndDialog
SetClipboardData
GetMessagePos
GetUpdateRect
EndPaint
GetCursorPos
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
CheckMenuItem
CallWindowProcA
IsClipboardFormatAvailable
GetMessageA
GetClipboardData
CloseClipboard
OpenClipboard
SetWindowLongA
CopyIcon
MessageBeep
ReleaseDC
GetDC
SetCursor
EmptyClipboard
RegisterClipboardFormatA
GetKeyState
GetClassInfoA
LoadCursorA
DefWindowProcA
ShowCaret
SetCaretPos
CreateCaret
ShowScrollBar
GetNextDlgTabItem
SetCapture
GetCapture
KillTimer
SetTimer
EnableScrollBar
PostMessageA
DestroyCaret
ShowWindow
IsWindowVisible
MoveWindow
ScreenToClient
EqualRect
UnionRect
GetWindowLongA
CopyImage
ReleaseCapture
WindowFromPoint
ClientToScreen
DrawFrameControl
DrawEdge
FrameRect
FillRect
LoadBitmapA
OffsetRect
InflateRect
CopyRect
DrawStateA
GetFocus
RedrawWindow
InvalidateRect
UpdateWindow
DrawFocusRect
GetSysColor
IsWindow
IsMenu
GetSystemMetrics
LoadIconA
IsIconic
GetSystemMenu
GetMenu
RemoveMenu
InsertMenuA
GetSubMenu
GetMenuItemID
GetMenuItemCount
AppendMenuA
DeleteMenu
CreatePopupMenu
DrawIcon
SetRect
CharUpperW
CharUpperA
CharLowerW
CharLowerA
GetDesktopWindow
GetParent
GetClientRect
GetWindowRect
SendMessageA
EnableWindow
MessageBoxA
PtInRect
wsprintfA
BeginPaint
gdi32
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
GetViewportExtEx
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
ArcTo
ExtCreatePen
CreateHatchBrush
GetDCOrgEx
PatBlt
OffsetWindowOrgEx
CombineRgn
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
StretchDIBits
EnumFontFamiliesExA
GetCurrentPositionEx
ScaleWindowExtEx
PlayMetaFile
SetWindowExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetTextExtentPoint32A
Rectangle
CreatePen
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
SetRectRgn
CreateSolidBrush
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
DPtoLP
GetMapMode
CreateDIBitmap
GetViewportOrgEx
SetViewportOrgEx
DeleteObject
GetCharWidthA
BitBlt
Polygon
Polyline
CreateCompatibleDC
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontA
CreateFontIndirectA
GetStockObject
SetPixel
GetObjectA
GetWindowExtEx
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegOpenKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegCreateKeyExA
RegEnumKeyA
RegQueryValueExA
RegCloseKey
RegSetValueA
RegCreateKeyA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueA
shell32
ExtractIconA
DragFinish
SHGetFileInfoA
DragQueryFileA
ShellExecuteA
comctl32
ord8
oledlg
ord8
ole32
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoDisconnectObject
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
OleRun
CreateILockBytesOnHGlobal
CoRegisterClassObject
StringFromGUID2
CoGetClassObject
StringFromCLSID
StgOpenStorageOnILockBytes
CoTreatAsClass
CoRevokeClassObject
CreateBindCtx
oleaut32
SafeArrayGetElement
SystemTimeToVariantTime
VarUdateFromDate
LoadTypeLi
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantChangeType
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
VariantTimeToSystemTime
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
VariantInit
imagehlp
ImageRvaToVa
CheckSumMappedFile
ImageNtHeader
shlwapi
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveExtensionA
Sections (IMAGE_SCN_ prefix omitted from flags)
  Name    Raw size  Virtual size  Flags
  .text   1.4MB     1.4MB         CNT_CODE | MEM_EXECUTE | MEM_READ
  .rdata  352KB     348KB         CNT_INITIALIZED_DATA | MEM_READ
  .data   48KB      65KB          CNT_INITIALIZED_DATA | MEM_READ | MEM_WRITE
  .idata  20KB      18KB          CNT_INITIALIZED_DATA | MEM_READ | MEM_WRITE
  .didat  4KB       793B          CNT_INITIALIZED_DATA | MEM_READ | MEM_WRITE
  .rsrc   112KB     110KB         CNT_INITIALIZED_DATA | MEM_READ
  .rmnet  60KB      60KB          CNT_CODE | MEM_EXECUTE | MEM_READ | MEM_WRITE

  .rmnet is the only section besides .text flagged as code, and the only executable section that is also writable. Compiler-generated images do not normally contain a writable code section, and this one sits last in the table after .rsrc, which is the layout left by code appended to an already-linked binary rather than emitted by the linker. In public reporting the name .rmnet is the section name used by the Ramnit file infector for its appended loader; the report itself makes no family attribution, so confirm against the behavioral task before labelling the sample.
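The two static findings in this report that decide whether the file gets a closer look are the absent Authenticode certificate table (the Unsigned PE signature) and the trailing .rmnet section marked CODE, EXECUTE, READ and WRITE. The Python below is an added example, not part of the sandbox report or of any tool it names: it parses a PE32/PE32+ section table and the security data directory with the standard library only and runs those two checks. The input is a minimal PE constructed in memory by build_sample(), not the reported sample; it carries a third section named .rmnet with the flags the report lists and, on request, a dummy WIN_CERTIFICATE so both the signed and unsigned paths can be exercised. All function names and the constructed bytes are this example's own.

```python
"""PE header triage with the standard library only (added example, not from the report).
Checks: is an Authenticode certificate table present, and which sections are W+X.
The input is a PE32 stub built by build_sample(), not the reported file."""
import struct

# Section characteristic bits and the certificate-table directory index (winnt.h).
IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000020, 0x00000040
IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE = 0x20000000, 0x40000000, 0x80000000
SECTION_FLAG_NAMES = {
    IMAGE_SCN_CNT_CODE: "IMAGE_SCN_CNT_CODE",
    IMAGE_SCN_CNT_INITIALIZED_DATA: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    IMAGE_SCN_MEM_EXECUTE: "IMAGE_SCN_MEM_EXECUTE",
    IMAGE_SCN_MEM_READ: "IMAGE_SCN_MEM_READ",
    IMAGE_SCN_MEM_WRITE: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def parse_pe(data):
    """Return the section table and the security data directory of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    fh = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20                                       # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:    # PE32+: 64-bit ImageBase/stack/heap fields shift both by 16
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_off, sec_len = 0, 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike every other directory, this VirtualAddress is a raw file offset.
        sec_off, sec_len = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, shdr = [], opt + opt_size                 # first IMAGE_SECTION_HEADER
    for i in range(nsections):
        name, vsize, va, rawsize, rawptr, _, _, _, _, ch = struct.unpack_from("<8sIIIIIIHHI", data, shdr + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"), "virtual_size": vsize,
                         "virtual_address": va, "raw_size": rawsize, "raw_offset": rawptr, "characteristics": ch})
    return {"security_dir": (sec_off, sec_len), "sections": sections}


def section_flag_names(characteristics):
    return [n for bit, n in SECTION_FLAG_NAMES.items() if characteristics & bit]


def has_authenticode_directory(data):
    """Presence of a certificate table only; validity still needs signtool or Get-AuthenticodeSignature."""
    off, length = parse_pe(data)["security_dir"]
    return off != 0 and length != 0 and off + length <= len(data)


def writable_executable_sections(data):
    """Names of sections that will be mapped writable and executable at the same time."""
    wx = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE
    return [s["name"] for s in parse_pe(data)["sections"] if s["characteristics"] & wx == wx]


def build_sample(signed=False):
    """Constructed PE32 stub (not the reported sample): .text, .rdata and a trailing .rmnet
    with CODE|EXECUTE|READ|WRITE. signed=True appends a dummy WIN_CERTIFICATE header
    (no real PKCS#7 content) and points the security directory at it."""
    secs = [(b".text", IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
            (b".rdata", IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
            (b".rmnet", IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE)]
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)               # e_lfanew
    # Machine i386, 224-byte optional header, RELOCS_STRIPPED | EXECUTABLE_IMAGE | 32BIT_MACHINE
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 224, 0x0103)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)               # PE32 magic
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)     # SectionAlignment, FileAlignment
    struct.pack_into("<I", opt, 60, 0x200)              # SizeOfHeaders
    struct.pack_into("<I", opt, 92, 16)                 # NumberOfRvaAndSizes
    hdrs, body = b"", b""
    for i, (name, ch) in enumerate(secs):               # one 0x200-byte raw block per section
        hdrs += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), 0x200, 0x1000 * (i + 1),
                            0x200, 0x200 * (i + 1), 0, 0, 0, 0, ch)
        body += b"\xcc" * 0x200                         # int3 filler
    cert = b""
    if signed:
        blob = b"\x30\x00"                              # placeholder bytes, not a signature
        cert = struct.pack("<IHH", 8 + len(blob), 0x0200, 0x0002) + blob   # WIN_CERTIFICATE
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x200 + len(body), len(cert))
    return (bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + hdrs).ljust(0x200, b"\0") + body + cert


if __name__ == "__main__":
    sample = build_sample()
    for s in parse_pe(sample)["sections"]:
        print("%-8s %s" % (s["name"], " | ".join(section_flag_names(s["characteristics"]))))
    print("Authenticode table present:", has_authenticode_directory(sample))
    print("Writable+executable sections:", writable_executable_sections(sample))
```

To run this against the real file, replace build_sample() with the bytes read from disk. has_authenticode_directory answers only the question the Unsigned PE signature asks, whether a certificate table exists at all; a populated directory can still hold a broken, expired or revoked signature, so validity remains a separate step with signtool verify or Get-AuthenticodeSignature.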