VSTPluginMain
Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.f6335e535fc48a13130f1a3c9c83bc60.dll
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: NEAS.f6335e535fc48a13130f1a3c9c83bc60.dll
  Resource: win10v2004-20231023-en
General
  Target: NEAS.f6335e535fc48a13130f1a3c9c83bc60.exe
  Size: 6.9MB
  MD5: f6335e535fc48a13130f1a3c9c83bc60
  SHA1: d029db6687880eaae32bb5ce6c01f4c91a6683cf
  SHA256: 2b36becce321445cb550016827e87bdb232cb61bfdb20fbaa4885bf96bf570e3
  SHA512: 4ab2c05138bcd0d619187a46b90f3a9e16367adc31e35e378b0838b02cfaec941b6defc415c7ed06c745b9b877ce600d1c744eb4a742598839cc945cfd4e07e6
  SSDEEP: 196608:WC+5y4Z+pH/i46ge1AxKajoXjynU2UQNBg00TZ:b+5y4IpHq46NzzynUw/gz
Malware Config
Signatures
  Unsigned PE (1 IoC): Checks for missing Authenticode signature.
    resource: NEAS.f6335e535fc48a13130f1a3c9c83bc60.exe
Files
  NEAS.f6335e535fc48a13130f1a3c9c83bc60.exe.dll (windows:6, windows x64)
  0e1a928e8dab28656e251f1315a5dcae
Headers
  DLL Characteristics: IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA, IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE, IMAGE_FILE_DLL
Imports
kernel32
GetNativeSystemInfo
LoadLibraryW
GetCurrentDirectoryW
GetOverlappedResult
GetProcAddress
LocalFree
ReplaceFileW
DeleteCriticalSection
ExitProcess
GetModuleHandleW
FreeLibrary
CopyFileW
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
IsDebuggerPresent
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetCommandLineW
AttachConsole
CompareStringOrdinal
GlobalSize
LoadLibraryA
GlobalAlloc
GlobalFree
GlobalLock
GetCurrentProcessId
GlobalUnlock
MultiByteToWideChar
ResetEvent
GetPriorityClass
CloseHandle
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
GetStdHandle
HeapFree
HeapReAlloc
HeapAlloc
DeleteFileW
ExitThread
CreateThread
GetTimeZoneInformation
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
GetStartupInfoW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetCPInfo
CompareStringEx
GetSystemTimeAsFileTime
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
GetExitCodeThread
SwitchToThread
WaitForSingleObjectEx
InitOnceBeginInitialize
InitOnceComplete
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
RaiseException
RtlPcToFileHeader
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
WideCharToMultiByte
QueryPerformanceFrequency
TerminateThread
SetEvent
OutputDebugStringW
GetFileAttributesExW
GetLastError
FormatMessageW
GetFileInformationByHandle
Sleep
CreateEventW
GetLogicalDriveStringsW
DisconnectNamedPipe
GetModuleHandleA
UnmapViewOfFile
ResumeThread
GetComputerNameExW
GetSystemDirectoryW
ReleaseMutex
GetCurrentThreadId
GetFileAttributesW
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindClose
CreateMutexW
GetTempPathW
SetEndOfFile
SetFilePointer
InitializeCriticalSection
LeaveCriticalSection
SetThreadPriority
WaitForMultipleObjects
GetModuleFileNameW
RemoveDirectoryW
TerminateProcess
GetModuleHandleExW
WriteFile
GetCurrentProcess
FindNextFileW
EnterCriticalSection
SetPriorityClass
FindFirstFileW
CancelIo
GetVolumeInformationW
TryEnterCriticalSection
ReadFile
GetSystemFirmwareTable
SetThreadAffinityMask
CreateDirectoryW
GetThreadPriority
FreeLibraryAndExitThread
GetCurrentThread
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
SetLayeredWindowAttributes
GetMessageTime
UnhookWindowsHookEx
GetForegroundWindow
TrackMouseEvent
GetClipboardData
CreateCaret
IsChild
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
BringWindowToTop
MapWindowPoints
GetWindowInfo
DestroyIcon
RedrawWindow
GetCapture
GetWindowLongPtrW
UnregisterClassW
CreateWindowExW
SetWindowLongPtrW
DestroyWindow
GetFocus
SendMessageTimeoutW
PostMessageW
DefWindowProcW
GetMessageW
SendInput
EndPaint
BeginPaint
GetCursorPos
SetCursorPos
InvalidateRect
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
DrawIconEx
UpdateLayeredWindow
GetClientRect
SetWindowLongW
SetCursor
OpenClipboard
GetAsyncKeyState
IsWindow
ShowWindow
GetActiveWindow
SetCaretPos
GetKeyboardState
DestroyCursor
GetWindowPlacement
WindowFromPoint
MessageBeep
SetWindowTextW
EndDialog
CallNextHookEx
GetAncestor
GetClassNameA
GetSystemMetrics
SetWindowPos
GetWindowRect
AttachThreadInput
GetWindowThreadProcessId
ReleaseDC
GetDC
GetWindowTextW
TranslateMessage
SendNotifyMessageW
SetFocus
EnumWindows
PeekMessageW
DispatchMessageW
RegisterClassExW
SendMessageW
GetIconInfo
EnumDisplayMonitors
EnumChildWindows
MonitorFromWindow
MessageBoxW
IsWindowVisible
ToUnicode
SetClipboardData
SetWindowsHookExW
MapVirtualKeyW
SetCapture
DestroyCaret
LoadCursorW
GetMessagePos
GetWindowLongW
GetSystemMenu
GetMessageExtraInfo
GetUpdateRgn
LoadIconW
GetProcessWindowStation
GetUserObjectInformationW
gdi32
RemoveFontMemResourceEx
SetMapMode
DeleteObject
CreateFontIndirectW
GetGlyphOutlineW
GetGlyphIndicesW
ChoosePixelFormat
SwapBuffers
SetPixelFormat
SetMapperFlags
SaveDC
CreateDIBSection
StretchDIBits
CreateRectRgnIndirect
CreateRectRgn
GetRegionData
GetObjectW
ExcludeClipRect
RestoreDC
CreateBitmap
CombineRgn
AddFontMemResourceEx
SelectObject
GetKerningPairsW
CreateCompatibleDC
EnumFontFamiliesExW
GetDeviceCaps
GetTextMetricsW
DeleteDC
GetOutlineTextMetricsW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegOpenKeyExW
RegQueryValueExW
MapGenericMask
OpenProcessToken
RegEnumKeyW
RegOpenKeyW
RegOpenKeyA
RegQueryValueExA
RegCloseKey
AccessCheck
GetNamedSecurityInfoW
DuplicateToken
shell32
ShellExecuteW
SHGetSpecialFolderPathW
DragQueryFileW
SHCreateShellItem
SHGetMalloc
ExtractAssociatedIconW
SHBrowseForFolderW
SHGetKnownFolderPath
SHParseDisplayName
SHGetPathFromIDListW
Shell_NotifyIconW
ole32
CoInitialize
CoCreateInstance
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoUninitialize
CoTaskMemFree
DoDragDrop
RegisterDragDrop
CoInitializeEx
RevokeDragDrop
PropVariantClear
CLSIDFromString
CoGetApartmentType
CoGetObjectContext
oleaut32
SysAllocString
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy
wininet
InternetReadFile
InternetCloseHandle
InternetSetOptionW
HttpOpenRequestW
InternetWriteFile
FtpOpenFileW
InternetOpenW
HttpQueryInfoW
InternetSetFilePointer
InternetCrackUrlW
HttpEndRequestW
HttpSendRequestExW
InternetConnectW
ws2_32
__WSAFDIsSet
closesocket
select
bind
setsockopt
ioctlsocket
sendto
freeaddrinfo
htons
htonl
getsockopt
recv
inet_ntoa
send
inet_addr
WSAStartup
getaddrinfo
accept
shlwapi
PathStripToRootW
winmm
midiOutMessage
midiInAddBuffer
midiInGetNumDevs
midiOutShortMsg
midiOutGetNumDevs
midiOutLongMsg
midiOutClose
timeGetTime
timeBeginPeriod
midiInMessage
midiInUnprepareHeader
midiInOpen
midiOutGetDevCapsW
midiOutPrepareHeader
midiOutOpen
midiInReset
midiInPrepareHeader
midiOutUnprepareHeader
midiInGetDevCapsW
midiInStart
midiInClose
midiInStop
imm32
ImmGetCompositionStringW
ImmAssociateContext
ImmSetCandidateWindow
ImmAssociateContextEx
ImmReleaseContext
ImmNotifyIME
ImmGetContext
dxgi
CreateDXGIFactory
opengl32
glPixelMapusv
glTexCoord3i
glLightModeli
glGetString
glTexCoord4s
glTexSubImage2D
glLighti
glOrtho
glTexCoord4d
glTexCoord2i
glDepthFunc
glPixelStorei
glColor4usv
glGetLightiv
glShadeModel
glColor4iv
glEvalCoord1fv
glRasterPos3iv
glDrawBuffer
glVertex3iv
glEvalCoord1dv
glGetPixelMapfv
glTexCoord1fv
glPrioritizeTextures
glCopyTexImage2D
glNormalPointer
glTexCoord1d
glGetFloatv
glRasterPos4dv
glIndexsv
glDeleteLists
wglMakeCurrent
glTexEnviv
glMaterialfv
glFogiv
glTexCoord1iv
glAreTexturesResident
glPushMatrix
glIsTexture
glPopName
glLightfv
glDisable
glEvalMesh2
glMultMatrixf
glGetTexGendv
glRasterPos4i
glColor4f
glGetError
glIndexs
glScalef
glRectf
glDrawElements
glGetTexParameteriv
glGetTexImage
glVertex2d
glTexCoord1s
glCopyTexImage1D
glGetClipPlane
glScaled
glColor3d
glListBase
glTexEnvi
glColorMaterial
glColor3ubv
glColorPointer
glColor4ub
glTexCoord1i
glColor3bv
glVertex3d
glFlush
glRasterPos3dv
glNormal3s
glBitmap
glFogi
glRasterPos3d
glClearIndex
glRasterPos2i
glIsEnabled
glRasterPos4d
glRotatef
glRasterPos2sv
glArrayElement
glPixelTransferf
glColor4b
glRasterPos2f
glColor3us
glGetPixelMapusv
glIndexMask
glTexCoord4i
glTexParameteriv
glFeedbackBuffer
glEvalMesh1
glPixelMapuiv
glVertex2f
glTexImage2D
glGetMaterialfv
glLightiv
glPushAttrib
glGetIntegerv
glPolygonStipple
glClearStencil
glLogicOp
glClearDepth
glLightf
glRectdv
glTranslatef
glTexGeni
glTexCoord3d
glPointSize
glColor3fv
glNormal3fv
glGetTexParameterfv
glMaterialf
glClearAccum
glRects
glPopMatrix
glEvalCoord2fv
glColor4i
glLightModeliv
glViewport
glTexImage1D
glDepthRange
glEdgeFlagv
glEnableClientState
glVertex4dv
glRecti
glColor3dv
glStencilOp
glNormal3sv
glVertex4sv
glIndexiv
glTexCoord3fv
glRasterPos3s
glInterleavedArrays
glClear
glEvalPoint2
glColor3uiv
glColor3ui
glIndexd
glVertex3i
glColor3s
glVertex2dv
glCopyPixels
glTexCoord3s
glPolygonOffset
glVertex2iv
wglShareLists
glTexSubImage1D
glLoadMatrixd
glIsList
glTexCoord2iv
glTexEnvf
glStencilMask
glTexCoord4fv
glRasterPos3fv
glGetTexLevelParameterfv
glMap1f
glNewList
glPopAttrib
glNormal3bv
glPolygonMode
glRotated
glTexGenf
wglGetCurrentContext
glColor3usv
glNormal3b
glPixelTransferi
glRasterPos3f
glRectfv
glBindTexture
glGetPointerv
glGenTextures
glNormal3dv
glColor4d
glRasterPos4iv
glVertexPointer
glGetMapiv
glEnable
glVertex3f
glIndexubv
glTexCoord3iv
glCullFace
glDepthMask
glPopClientAttrib
glRasterPos2d
glMapGrid1f
glGetLightfv
glLoadMatrixf
glTexGend
glTexCoord2d
glVertex3sv
glMapGrid2d
glEnd
glVertex4f
glPassThrough
glColor4s
glEdgeFlagPointer
glMaterialiv
glColor4ui
glVertex4d
glScissor
glFogf
glTexParameterfv
glTexCoord2dv
glSelectBuffer
glRasterPos3sv
glAccum
glGetMapfv
glTexCoord4dv
glTexCoord3sv
glCallList
glFogfv
glVertex2sv
glFrustum
glVertex3s
glCopyTexSubImage2D
glColor4bv
glRasterPos2dv
glTexCoord2f
glColor4uiv
glGetTexLevelParameteriv
glVertex4iv
glEvalPoint1
glDisableClientState
glGetTexGeniv
glColor4dv
glMateriali
glCopyTexSubImage1D
glRasterPos2iv
glGenLists
glMatrixMode
glTexCoord1f
glMapGrid1d
glTexCoord2fv
glEvalCoord2f
glTexGenfv
glTranslated
glVertex4fv
glRasterPos3i
glVertex3dv
glRasterPos4sv
glDrawPixels
glCallLists
glFrontFace
glIndexub
glTexGendv
glVertex2fv
glEvalCoord2dv
glTexCoord4iv
glLineWidth
glColor4sv
glColor3f
glNormal3f
glIndexfv
glRasterPos4s
glStencilFunc
glColor3i
glLineStipple
glTexCoord2sv
glBlendFunc
glReadPixels
wglCreateContext
glColorMask
glTexCoord4sv
glMap1d
glTexCoord3dv
glInitNames
glMapGrid2f
glRasterPos4f
glGetMaterialiv
glIndexdv
glLoadIdentity
glColor3iv
glEdgeFlag
glRasterPos4fv
glRasterPos2s
glMultMatrixd
glEndList
glIndexPointer
wglGetProcAddress
glVertex3fv
glLoadName
glTexGeniv
glLightModelf
glRectiv
glPixelMapfv
glTexParameteri
glNormal3iv
glTexEnvfv
glVertex4s
glRenderMode
glFinish
glEvalCoord1d
glMap2f
glColor4ubv
glColor4fv
glDeleteTextures
glGetPolygonStipple
glGetTexEnvfv
glTexCoord2s
glTexCoord4f
glRectd
glVertex4i
glTexCoord3f
glPushClientAttrib
glHint
glReadBuffer
glTexCoord1sv
glAlphaFunc
glBegin
glRectsv
glTexCoordPointer
glColor3sv
glClipPlane
glIndexf
glIndexi
glPixelStoref
glPixelZoom
glNormal3d
glVertex2s
glGetTexEnviv
glClearColor
glLightModelfv
glVertex2i
glGetMapdv
glRasterPos2fv
glColor3ub
glGetBooleanv
glTexCoord1dv
glMap2d
glDrawArrays
glColor3b
wglDeleteContext
glNormal3i
glGetPixelMapuiv
glColor4us
glGetTexGenfv
glEvalCoord1f
glGetDoublev
glEvalCoord2d
glTexParameterf
glPushName
Exports
Sections
  .text   Size: -      Virtual size: 5.2MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: -      Virtual size: 3.6MB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   Size: -      Virtual size: 259KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .pdata  Size: -      Virtual size: 235KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  _RDATA  Size: -      Virtual size: 348B    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .lies0  Size: -      Virtual size: 1.8MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .lies1  Size: 6.8MB  Virtual size: 6.8MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .reloc  Size: 512B   Virtual size: 224B    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .rsrc   Size: 62KB   Virtual size: 62KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ