NEAS[.]b7f94e4100cc2b8cdeccfc8cab8b3c40[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b7f94e4100cc2b8cdeccfc8cab8b3c40.exe
Size

200KB
MD5

b7f94e4100cc2b8cdeccfc8cab8b3c40
SHA1

d512137acc2ac58a5b922cae4a7e73d717d7a5d2
SHA256

9a9ad9ea86698de9cb67eabfecef6abe96544577099502f11b050bf8fac276b4
SHA512

8c462e51514d49b6ca2c09842ea8cd33a395dbdd1fbc8cbe5a558e7338acee05d82ffb223e434a71929eeea8d5ed7241449f66619b4c3cf16a6861b16a941fb2
SSDEEP

3072:hzUWzGMrL+a1KfMMmrwAKP3zzWmOpu6LMekYZ9JToXnqne+:1U1MODrZ/WmO7k8n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b7f94e4100cc2b8cdeccfc8cab8b3c40.exe

Files

NEAS.b7f94e4100cc2b8cdeccfc8cab8b3c40.exe
.exe windows:4 windows x86

9cdc34b77124d84df4f4440d7b58799e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
socket
closesocket
inet_addr
htons
htonl
bind
ioctlsocket
sendto
WSAStartup
recvfrom
WSAGetLastError

wininet

InternetGetLastResponseInfoA
InternetGetConnectedState
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
HttpQueryInfoA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

FreeLibrary
InterlockedIncrement
InterlockedDecrement
lstrlenA
LocalFree
FormatMessageA
SetLastError
lstrcpyA
DuplicateHandle
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
lstrcpynA
GetFullPathNameA
lstrcmpiA
GetCurrentThreadId
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
WaitForSingleObject
SetEvent
ResumeThread
SetThreadPriority
SuspendThread
CreateEventA
LoadResource
FindResourceA
LockResource
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
FileTimeToSystemTime
FileTimeToLocalFileTime
EnterCriticalSection
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetFileAttributesA
GetFileTime
SetErrorMode
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
MulDiv
GlobalFlags
WritePrivateProfileStringA
GetCurrentDirectoryA
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
CreateThread
ExitThread
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
VirtualAllocEx
VirtualAlloc
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
GetVersion
WideCharToMultiByte
VirtualFreeEx
TerminateProcess
CreateToolhelp32Snapshot
Process32First
OpenProcess
Process32Next
FindClose
FindNextFileA
CopyFileA
FindFirstFileA
CreateDirectoryA
GetSystemDirectoryA
DeleteFileA
MoveFileA
GetWindowsDirectoryA
MultiByteToWideChar
SetFileAttributesA
CloseHandle
GetLastError
CreateMutexA
GetModuleFileNameA
SleepEx
WinExec
GetProcAddress
GetCurrentProcessId
GetModuleHandleA
GetPrivateProfileStringA
GetPrivateProfileIntA
LoadLibraryA
GetDriveTypeA
GetVolumeInformationA
GetCurrentProcess
VirtualFree

user32

GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
GetDlgCtrlID
GetWindowTextA
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
LoadIconA
IsDialogMessageA
SetWindowTextA
MoveWindow
LoadStringA
LoadCursorA
ClientToScreen
PtInRect
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
GetSysColorBrush
DestroyMenu
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
UnregisterClassA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
ValidateRect
PeekMessageA
GetCursorPos
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostQuitMessage
CharUpperA
FindWindowExA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
GetClassNameA
GetWindowLongA
SetWindowLongA
SetWindowPos
SendMessageA
GetWindow
IsWindowVisible
GetParent
GetSystemMetrics
EnableWindow
GetClientRect
KillTimer
IsIconic
ShowWindow
FindWindowA
SetTimer
SystemParametersInfoA
PostMessageA
wsprintfA
GetDlgItem
GetWindowThreadProcessId
DestroyWindow

gdi32

GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
Rectangle

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegEnumKeyExA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

comctl32

ord17

ole32

CoInitialize
CoUninitialize
CoCreateInstance

url

InetIsOffline

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cdc34b77124d84df4f4440d7b58799e

Headers

File Characteristics

Imports

ws2_32

wininet

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

url

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 20KB - Virtual size: 30KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 20KB - Virtual size: 30KB

.rsrc
Size: 12KB - Virtual size: 8KB