NEAS[.]e7de09eee4420e4d08f3a20a9a9323b0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e7de09eee4420e4d08f3a20a9a9323b0.exe
Size

100KB
MD5

e7de09eee4420e4d08f3a20a9a9323b0
SHA1

e532ed31df439e053843c08574243d6064bd3dda
SHA256

47a234480d6b196233a94b0b3a5f49e05a0ff6fffde54be091b93b292fbaa2d1
SHA512

cf0a841430b43786274d5dec65b9782930c4ce0a8a8c296b88b87fa7602b77327feb8e919e10337fd96de7e1eb0443b3f22f04b355acedf1d31ca48379f831a6
SSDEEP

3072:EFZSTefUdBPKdo/Ad0LPEzt9pmAd7cCSNFNFLq91:EkTwUdBPHIduPItPUqb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e7de09eee4420e4d08f3a20a9a9323b0.exe

Files

NEAS.e7de09eee4420e4d08f3a20a9a9323b0.exe
.dll windows:5 windows x64

e3b970bd0db0cda478854d0bfb4d845f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
FreeLibrary
OutputDebugStringW
WriteFile
WideCharToMultiByte
LoadLibraryW
InitializeCriticalSectionAndSpinCount
Sleep
CreateFileW
RaiseException
GetLastError
GetProcAddress
GetLocalTime
DecodePointer
DeleteCriticalSection
CloseHandle
CreateDirectoryW
GetPrivateProfileStructW
GetPrivateProfileIntW
GetFileSizeEx
GetFileTime
DeleteFileW
LCMapStringW
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
HeapFree
EncodePointer
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
GetProcessHeap
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
HeapSize
RtlUnwindEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
HeapAlloc
RtlPcToFileHeader
GetStdHandle
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetModuleFileNameW
LoadLibraryExW
SetStdHandle
WriteConsoleW
GetStringTypeW
FlushFileBuffers

user32

KillTimer
wsprintfW
SendMessageW
SetTimer

Exports

Exports

RcEnum
RcGetInfo2
RcStart
RcStop

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3b970bd0db0cda478854d0bfb4d845f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 7KB - Virtual size: 18KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 7KB - Virtual size: 18KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB