NEAS[.]17fe88a2be06be2fa3ddc2f251432ba0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.17fe88a2be06be2fa3ddc2f251432ba0.exe
Size

5.5MB
MD5

17fe88a2be06be2fa3ddc2f251432ba0
SHA1

f55296bf33c079452a1977185ebd5dd0f43a872d
SHA256

f532c748f68d51e0acd103b1b0bf4b337b2d84cd209ed5998a01b53dedf74c9a
SHA512

54ba8d3200085f932ba13c2e3b8c9b80afdbe3fb524df87adfb4f9079cea69c825d23b1f544cfedacdda6a001e254aacae63c178191d17f3e9837a41965d0e9d
SSDEEP

98304:mToH1Cz708r7CYWnVWT8Z4hFLhJn4Gha2vDemyA7bi:VSbmYvOS485cAa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.17fe88a2be06be2fa3ddc2f251432ba0.exe

Files

NEAS.17fe88a2be06be2fa3ddc2f251432ba0.exe
.exe windows:4 windows x86

7980857acd88d7d6209e875f979df38f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalLock
IsDBCSLeadByte
SetLastError
GlobalFree
GlobalHandle
lstrcmpA
MulDiv
GetModuleFileNameA
FreeLibrary
LoadLibraryExA
GetModuleHandleA
FindFirstFileW
CreateFileW
CreateFileA
SetEndOfFile
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetCurrentProcessId
GetTickCount
lstrcmpiA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
HeapSize
Sleep
ExitProcess
LeaveCriticalSection
HeapDestroy
GetConsoleMode
GetConsoleCP
WriteFile
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
VirtualQuery
GetSystemInfo
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LocalFree
VirtualAlloc
VirtualFree
InterlockedIncrement
GetLastError
lstrlenW
WideCharToMultiByte
GetCurrentThreadId
GlobalAlloc
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
QueryPerformanceCounter
InitializeCriticalSection
EnterCriticalSection
MultiByteToWideChar
lstrlenA
InterlockedDecrement
RaiseException
FindResourceA
LoadResource
SizeofResource
LockResource
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
VirtualProtect
GetProcAddress
GetFileSizeEx
SetFilePointerEx
GetFileAttributesW
ReadFile
GetCurrentThread
SetThreadPriority
SetPriorityClass
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
HeapCreate
FreeResource
FindClose

user32

GetParent
UnregisterClassA
SetWindowPos
GetWindowLongA
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
SetWindowLongA
ShowWindow
MapWindowPoints
GetDlgItem
GetSystemMetrics
GetActiveWindow
SetWindowContextHelpId
MapDialogRect
DialogBoxParamA
PostQuitMessage
LoadImageA
IsDialogMessageA
KillTimer
SetTimer
MessageBoxA
CreateAcceleratorTableA
CreateWindowExA
IsWindow
SendMessageA
GetDesktopWindow
SetFocus
GetFocus
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
GetClassNameA
EndDialog
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
MoveWindow
GetSysColor
CreateDialogIndirectParamA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DestroyWindow
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CharNextA
DefWindowProcA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
LoadStringA

gdi32

GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
GetStockObject

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

shell32

ShellExecuteA
ShellExecuteExA
SHChangeNotify

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

DispCallFunc
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysStringByteLen
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
LoadTypeLi

comctl32

InitCommonControlsEx

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7980857acd88d7d6209e875f979df38f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 5.3MB - Virtual size: 5.3MB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 5.3MB - Virtual size: 5.3MB