Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.2e58f364010195c75dc023605f442090.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: NEAS.2e58f364010195c75dc023605f442090.exe
  Resource: win10v2004-20231020-en
General
Target: NEAS.2e58f364010195c75dc023605f442090.exe
Size: 2.1MB
MD5: 2e58f364010195c75dc023605f442090
SHA1: 00611e35808534e17ba11b7d873edb4a18c498fd
SHA256: 9a3df2b190af57e6cbc7666568b4a1a6c136fcf363d62492610e95c988f48123
SHA512: 8554e91d24b8a2094287ffc1375424cb0631c5c72d964a5f93dece8259da125c275d99db8ba92652ef6967ad6971f398c6b66d4fad64632765489d560b4efeee
SSDEEP: 49152:jdt9dH31SApfcfWMHe/zkFZnn6bjRIL313/6zQo09:jdbdH31SsfcfWF/zUZnneFIL313/6C
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: NEAS.2e58f364010195c75dc023605f442090.exe
  Note: an Authenticode signature lives in the PE security data directory (the certificate table), so this is a presence check that fires for any binary without an embedded certificate. On its own it is a weak indicator, since most unsigned binaries are benign, and the converse does not hold either: an embedded signature still needs chain, timestamp and revocation validation before it can be trusted.
Files
NEAS.2e58f364010195c75dc023605f442090.exe.exe  windows:6 windows x86
  Import hash (imphash): 14113c459623e0e206b5e4cef5657c94
Headers
DLL Characteristics:
  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (image can be relocated, so ASLR applies)
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP-compatible, non-code pages are non-executable)
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  Not set, and therefore absent above: IMAGE_DLLCHARACTERISTICS_GUARD_CF (no Control Flow Guard) and IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY.
File Characteristics:
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE (PE32, x86)
Imports
kernel32
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetProcessHeap
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
SetEnvironmentVariableA
GetStdHandle
GetFileType
GetSystemTimeAsFileTime
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
HeapSize
GetModuleHandleExW
ExitProcess
RtlUnwind
RaiseException
HeapAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
ExitThread
HeapReAlloc
HeapFree
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
lstrcpyW
GlobalFindAtomW
FreeResource
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
GetSystemDirectoryW
DecodePointer
EncodePointer
FileTimeToSystemTime
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
LoadLibraryW
LoadLibraryA
lstrcmpiW
GetModuleHandleA
GetVersion
GetCurrentProcess
DuplicateHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
GetFileAttributesW
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleFileNameW
FreeLibrary
GetCurrentThread
WideCharToMultiByte
CopyFileW
FindResourceW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SizeofResource
LockResource
LoadResource
InitializeCriticalSectionEx
CreateProcessW
GetVersionExW
GetModuleHandleW
GetTickCount
GetProcAddress
TlsFree
TlsSetValue
GetCurrentThreadId
TlsGetValue
MultiByteToWideChar
WaitForMultipleObjects
SetEvent
WaitForSingleObject
CreateEventA
SetLastError
InterlockedCompareExchange
GetQueuedCompletionStatus
SetWaitableTimer
CreateIoCompletionPort
PostQueuedCompletionStatus
SleepEx
CreateEventW
QueueUserAPC
InitializeCriticalSectionAndSpinCount
InterlockedExchangeAdd
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
GetLastError
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
TerminateThread
Sleep
GetStringTypeW
CreateThread
FormatMessageA
user32
LoadImageW
OffsetRect
IntersectRect
SetRectEmpty
InsertMenuItemW
DestroyMenu
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
UnregisterClassW
DestroyIcon
IsIconic
IsDialogMessageW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
SetFocus
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
FillRect
SetCursorPos
BeginPaint
UnpackDDElParam
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
UpdateWindow
KillTimer
SetTimer
RealChildWindowFromPoint
GetWindow
PtInRect
GetWindowRect
SetWindowTextW
GetDlgCtrlID
DeleteMenu
SystemParametersInfoW
CopyImage
GetClientRect
GetDesktopWindow
WindowFromPoint
ScreenToClient
ClientToScreen
ReleaseCapture
SetCapture
GetCapture
WaitMessage
GetWindowTextLengthW
LoadCursorW
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
UnhookWindowsHookEx
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongW
MessageBoxW
IsWindowEnabled
EnableWindow
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
EnumWindows
GetClassNameW
GetWindowTextW
GetMenuStringW
GetKeyboardState
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
SendMessageW
GetSystemMetrics
CharUpperW
PostQuitMessage
PostMessageW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
ReuseDDElParam
GetMenuItemInfoW
InflateRect
DrawIcon
GetWindowRgn
DestroyCursor
MapDialogRect
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
RegisterClipboardFormatW
SendDlgItemMessageA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
GetWindowDC
SetClassLongW
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
PostThreadMessageW
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
DrawFocusRect
GetNextDlgGroupItem
LockWindowUpdate
SetRect
SetParent
GetSystemMenu
IsRectEmpty
UnionRect
MapVirtualKeyW
GetKeyNameTextW
GetNextDlgTabItem
EndDialog
EndPaint
CreateDialogIndirectParamW
ModifyMenuW
gdi32
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateFontIndirectW
GetTextExtentPoint32W
GetClipBox
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
GetBkColor
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteObject
CreateBitmap
GetDeviceCaps
CombineRgn
CopyMetaFileW
CreateDCW
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
shell32
SHGetFileInfoW
DragQueryFileW
DragFinish
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
SHAppBarMessage
SHGetSpecialFolderPathW
shlwapi
UrlEscapeW
PathAppendW
SHGetValueW
StrToIntW
SHSetValueW
StrStrW
SHDeleteValueW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveFileSpecW
StrFormatKBSizeW
uxtheme
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
IsAppThemed
OpenThemeData
CloseThemeData
GetThemePartSize
ole32
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoUninitialize
CoInitialize
CoCreateInstance
CoInitializeEx
CreateStreamOnHGlobal
DoDragDrop
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
oleaut32
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VarBstrFromDate
SysAllocString
SysFreeString
VariantCopy
VariantClear
VariantInit
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageRectI
ws2_32
connect
freeaddrinfo
getaddrinfo
WSAGetLastError
select
setsockopt
WSASocketW
WSASend
WSARecv
ioctlsocket
closesocket
WSACleanup
WSAStartup
WSASetLastError
getsockopt
oleacc
LresultFromObject
AccessibleChildren
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
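The import hash shown in the Files entry above is conventionally computed from exactly this kind of import table, and the table itself is the first thing a triager reads for capability. The following added example (not part of the report or of any sandbox's code) reimplements the pefile-style imphash algorithm and a small capability-hint lookup with the Python standard library only. SAMPLE_IMPORTS is a constructed subset of the report's import list, so its hash will not equal the report's value, and CAPABILITY_HINTS is an illustrative map written for this example, not a published signature set.

```python
import hashlib

# Constructed subset of the import table shown in the report above, kept in the
# report's order. A subset only, so its imphash is NOT the report's value.
SAMPLE_IMPORTS = [
    ("kernel32", ["GetStartupInfoW", "IsDebuggerPresent", "VirtualProtect",
                  "CreateProcessW", "LoadLibraryW", "GetProcAddress",
                  "WritePrivateProfileStringW", "QueueUserAPC"]),
    ("user32", ["SetWindowsHookExW", "CallNextHookEx", "MessageBoxW"]),
    ("advapi32", ["RegSetValueExW", "RegCreateKeyExW", "RegOpenKeyExW"]),
    ("shell32", ["ShellExecuteW"]),
    ("winspool.drv", ["OpenPrinterW"]),
    ("ws2_32", ["connect", "getaddrinfo", "WSASend", "WSARecv"]),
]

# Hypothetical capability map for illustration: (dll, api) -> what it enables.
CAPABILITY_HINTS = {
    ("ws2_32", "connect"): "network: outbound TCP connections",
    ("ws2_32", "getaddrinfo"): "network: hostname resolution",
    ("ws2_32", "wsasend"): "network: socket send",
    ("ws2_32", "wsarecv"): "network: socket receive",
    ("user32", "setwindowshookexw"): "hooking: SetWindowsHookEx (keyboard/mouse hooks; also used by MFC message filters)",
    ("kernel32", "createprocessw"): "execution: spawns child processes",
    ("shell32", "shellexecutew"): "execution: ShellExecute (opens files, URLs or programs)",
    ("advapi32", "regsetvalueexw"): "registry: writes values (persistence possible)",
    ("advapi32", "regcreatekeyexw"): "registry: creates keys",
    ("kernel32", "isdebuggerpresent"): "anti-analysis: IsDebuggerPresent (also emitted by the MSVC CRT)",
    ("kernel32", "virtualprotect"): "memory: changes page protections (unpacking/injection building block)",
    ("kernel32", "queueuserapc"): "threading: APC queueing (also used by APC injection)",
    ("kernel32", "writeprivateprofilestringw"): "config: writes INI files",
}


def normalise_dll(dll):
    """Lower-case the DLL name and drop a .dll/.ocx/.sys suffix (pefile's rule);
    any other suffix, e.g. winspool.drv, is kept as part of the name."""
    lib = dll.lower()
    base, dot, ext = lib.rpartition(".")
    return base if dot and ext in ("dll", "ocx", "sys") else lib


def imphash(imports):
    """pefile-compatible import hash: MD5 over 'dll.func' pairs, comma-joined,
    in import-table order. Order matters, so it fingerprints the linker layout
    rather than the set of APIs."""
    pairs = [f"{normalise_dll(dll)}.{func.lower()}"
             for dll, funcs in imports for func in funcs]
    return hashlib.md5(",".join(pairs).encode("ascii")).hexdigest()


def capability_tags(imports):
    """Map imported APIs to capability hints. These describe what the binary
    *can* do, not what it does: every API here is normal in an MFC GUI app."""
    tags = set()
    for dll, funcs in imports:
        lib = normalise_dll(dll)
        for func in funcs:
            hint = CAPABILITY_HINTS.get((lib, func.lower()))
            if hint:
                tags.add(hint)
    return sorted(tags)


def import_summary(imports):
    """Triage view of an import table: counts, imphash and capability hints."""
    return {
        "dll_count": len(imports),
        "function_count": sum(len(funcs) for _, funcs in imports),
        "imphash": imphash(imports),
        "capabilities": capability_tags(imports),
    }


if __name__ == "__main__":
    for key, value in import_summary(SAMPLE_IMPORTS).items():
        print(f"{key}: {value}")
```

Two caveats are worth stating. The imphash is order-sensitive and case-folded, so it clusters builds sharing a linker layout rather than proving relationship, and a repacked or rebuilt sample gets a new value. And every API tagged here is also standard in an MFC GUI application that happens to use WinSock, so the tags express capability, not observed behaviour; the behavioral tasks listed at the top of the report exist to answer the second question.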
Sections
Name    Size (raw)  Virtual size  Characteristics
.text   1.3MB       1.3MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  335KB       334KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   29KB        69KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   16KB        15KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  402KB       402KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
Note: no section is both writable and executable, and raw and virtual sizes agree except for .data, whose extra 40KB of virtual size is zero-initialised data that is not stored on disk. That is the layout of an ordinary compiler-built image rather than a packed one; the large .reloc section is what an ASLR-enabled 32-bit image with 1.3MB of code needs.
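The Signatures, Headers and Sections entries above all come from fixed-offset structures in the PE file. As an added example (not the sandbox's code), the following standard-library Python parser reproduces those fields: it decodes IMAGE_FILE_HEADER and the optional header's DllCharacteristics, walks the section table, hashes the file, and implements the "Unsigned PE" check as a test for an empty IMAGE_DIRECTORY_ENTRY_SECURITY. build_sample_pe constructs a header-only PE32 with the same flag set as the report's sample so the example runs offline; it is not the sample itself, and the flag tables hold only the subset of names needed here.

```python
import hashlib
import struct

# Flag names as the PE specification defines them (subset used by the report).
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIRECTORY = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse the DOS/NT headers and section table of an in-memory PE file."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4  # IMAGE_FILE_HEADER, 20 bytes
    machine, nsections, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    # DllCharacteristics is at optional-header offset 70 for PE32 and PE32+;
    # the data directories start at 96 (PE32) or 112 (PE32+).
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]
    dirs = opt + (112 if pe32plus else 96)
    # For the security directory the first field is a file offset, not an RVA.
    cert_off, cert_size = struct.unpack_from("<II", data, dirs + SECURITY_DIRECTORY * 8)
    sections = []
    for i in range(nsections):  # IMAGE_SECTION_HEADER entries are 40 bytes each
        name, vsize, _, rawsize, _, _, _, _, _, schars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _flags(schars, SECTION_CHARACTERISTICS)})
    return {
        "machine": {0x14C: "x86", 0x8664: "x64"}.get(machine, hex(machine)),
        "pe32plus": pe32plus,
        "file_characteristics": _flags(fchars, FILE_CHARACTERISTICS),
        "dll_characteristics": _flags(dllchars, DLL_CHARACTERISTICS),
        "authenticode_present": cert_off != 0 and cert_size != 0,
        "sections": sections,
        "hashes": {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256")},
    }


def signatures(info):
    """Static hits in the style of the report's 'Unsigned PE' IoC, plus two
    mitigation checks and a W+X section check a triager would add."""
    hits = []
    if not info["authenticode_present"]:
        hits.append("Unsigned PE: no Authenticode certificate table")
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in info["dll_characteristics"]:
        hits.append("No ASLR: DYNAMIC_BASE not set")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in info["dll_characteristics"]:
        hits.append("No DEP: NX_COMPAT not set")
    for sec in info["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(sec["flags"]):
            hits.append(f"W+X section {sec['name']} (common in packed or self-modifying code)")
    return hits


def build_sample_pe(signed=False):
    """Constructed header-only PE32 carrying the report's flag set (not the real sample)."""
    section_flags = [(b".text", 0x60000020), (b".rdata", 0x40000040), (b".data", 0xC0000040),
                     (b".rsrc", 0x40000040), (b".reloc", 0x42000040)]
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * 58 + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(section_flags), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)    # PE32 magic
    struct.pack_into("<H", opt, 68, 2)       # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, 0x8140)  # DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE
    struct.pack_into("<I", opt, 92, 16)      # NumberOfRvaAndSizes
    if signed:  # point the security directory at a (fictitious) WIN_CERTIFICATE blob
        struct.pack_into("<II", opt, 96 + SECURITY_DIRECTORY * 8, 0x1000, 0x800)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, 0, 0, 0, 0, 0, 0, 0, 0, c)
                     for n, c in section_flags)
    return dos + b"PE\0\0" + file_hdr + bytes(opt) + table


if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    print(info["machine"], info["dll_characteristics"])
    print(signatures(info))
```

The parser trusts its input beyond the two magic checks and is there to show where each reported field lives; for untrusted samples use pefile or LIEF, which bounds-check every read. A non-empty certificate table only means the file carries a signature blob. Validity (chain, timestamp, revocation, and that the signed hash covers the image) needs a full Authenticode verifier such as signtool verify on Windows, which is why the sandbox's signature is worded as a check for a missing signature rather than an invalid one.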