NEAS[.]03666ff5efa89a722b597bbcaf17f410[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.03666ff5efa89a722b597bbcaf17f410.exe
Size

4.6MB
MD5

03666ff5efa89a722b597bbcaf17f410
SHA1

72c82bf0b2a0c4230dc0c95e00a33184f46b5da4
SHA256

bd8a01dbe758ca4677d5d349b896b00c9d7df8867eedccc1cc9eaabce05a95c8
SHA512

da2bd5ce3905a19503fc5e4df260f87ca2a716560a25ea5eafcb549d4de35a63431723ef3e6a44cffb6f33cc63f179b987df8c3393f016f630e35a6ac4f9e398
SSDEEP

98304:o6Jq5T6s57/+7B/NmoiFTGF9LLM3oG2S5BhtTR1FSn:s96skB/N9jDVoY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.03666ff5efa89a722b597bbcaf17f410.exe

Files

NEAS.03666ff5efa89a722b597bbcaf17f410.exe
.exe windows:4 windows x86

4593f9cc14eded068a048d93b61fbd06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum

kernel32

FreeLibrary
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
GetStartupInfoA
CloseHandle
CompareStringW
CreateDirectoryW
CreateFileW
CreateProcessW
DeleteCriticalSection
DeleteFileW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
GetACP
GetConsoleOutputCP
GetCPInfo
GetCurrentDirectoryW
GetCurrentProcess
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesExW
GetFileInformationByHandle
GetFileType
GetFullPathNameW
GetLastError
GetModuleFileNameW
LoadLibraryA
GetOEMCP
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTempPathW
GetTimeZoneInformation
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LoadLibraryExW
LocalFree
MultiByteToWideChar
PeekNamedPipe
RaiseException
GetModuleHandleA
ReadFile
RemoveDirectoryW
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
GetProcAddress
GetCommandLineW
GetConsoleMode
MulDiv
GetModuleHandleW
ReadConsoleW

user32

GetClientRect
DrawTextW
SendMessageW
CreateWindowExW
SystemParametersInfoW
GetDialogBaseUnits
GetKeyboardType
VkKeyScanA
SetWindowLongW
ReleaseDC
MoveWindow
MessageBoxW
MessageBoxA
InvalidateRect
GetWindowLongW
GetDC
EndDialog
DialogBoxIndirectParamW
DestroyIcon

gdi32

SelectObject
CreateFontIndirectW
DeleteObject

advapi32

GetTokenInformation
OpenProcessToken

shell32

CommandLineToArgvW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data5
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.btls8
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 516KB - Virtual size: 515KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

dag1027
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4593f9cc14eded068a048d93b61fbd06

Headers

File Characteristics

Imports

mpr

kernel32

user32

gdi32

advapi32

shell32

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 4KB - Virtual size: 3KB

.data5 Size: 4KB - Virtual size: 4.0MB

.btls8 Size: 8KB - Virtual size: 4KB

.rsrc Size: 516KB - Virtual size: 515KB

dag1027 Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 4KB - Virtual size: 3KB

.data5
Size: 4KB - Virtual size: 4.0MB

.btls8
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 516KB - Virtual size: 515KB

dag1027
Size: 1.8MB - Virtual size: 1.8MB