NEAS[.]98938f5018fafd6a223f22aaa0d9db30[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.98938f5018fafd6a223f22aaa0d9db30.exe
Size

1.4MB
MD5

98938f5018fafd6a223f22aaa0d9db30
SHA1

87ff10b64162c02624be8f4668c46b487eb95de8
SHA256

a594e570c33fcdb1ca1b8cbda2c7485c422d96c54a0231a4fe44d11cd97d4de5
SHA512

d83f6895a08b6920ca9f1b1dea2cc412ef73de4591d2319b4ae04355776bb3d4ee4e5ff1d244118ed6c3654d3b9e5d0e72a5239d0a0a4823a98df8a522b18f07
SSDEEP

24576:c7sSf1cb276yalTMKt9+f+40Ix2pvSuOrCt6IM/MWo51cW:VQmAkJMEy0g2pKbpY51cW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.98938f5018fafd6a223f22aaa0d9db30.exe

Files

NEAS.98938f5018fafd6a223f22aaa0d9db30.exe
.dll windows:4 windows x86

2706c0bd43d8e8dc5e54ef17ca1fa626

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeleteFileA
SetFilePointer
CreateSemaphoreA
WriteFile
ReleaseSemaphore
FindResourceA
LoadResource
EnterCriticalSection
GetCurrentProcessId
WaitForSingleObject
LeaveCriticalSection
GlobalAlloc
GlobalFree
LoadLibraryA
HeapFree
GetProcAddress
VirtualProtect
HeapAlloc
GetProcessHeap
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
LockResource
CreateFileA
GetEnvironmentStrings
GetLastError
ReadFile
TlsGetValue
GetTickCount
GetFileType
TlsSetValue
TlsFree
TlsAlloc
FreeEnvironmentStringsA
GetStdHandle
lstrcpyA

user32

LoadBitmapA
GetDC
ReleaseDC
GetSysColorBrush
RegisterClassA
CreateWindowExA
SetWindowLongA
DestroyWindow
UnregisterClassA
DialogBoxParamA
PeekMessageA
LoadCursorA
SetCursor
BeginPaint
EndPaint
SetCapture
ReleaseCapture
DefWindowProcA
EndDialog
GetDlgItem
InvalidateRect
GetWindowLongA
IsRectEmpty
FillRect
PtInRect
DrawTextA
OffsetRect
LoadImageA
SetRect
DrawIconEx
MessageBoxA

gdi32

SelectObject
CreateDCA
SetBkColor
CreateSolidBrush
DeleteDC
StretchBlt
SetBrushOrgEx
MoveToEx
LineTo
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
SetTextColor
BitBlt
DeleteObject
GetStockObject
CreateCompatibleBitmap
SetStretchBltMode
SetBkMode

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Exports

Exports

main

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.exc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2706c0bd43d8e8dc5e54ef17ca1fa626

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 512B - Virtual size: 74B

.data Size: 14KB - Virtual size: 75KB

.idata Size: 2KB - Virtual size: 2KB

.exc Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 512B - Virtual size: 74B

.data
Size: 14KB - Virtual size: 75KB

.idata
Size: 2KB - Virtual size: 2KB

.exc
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 10KB - Virtual size: 9KB