NEAS[.]470f3486913ba83fe5a5bc245bf5c450[.]exe

General

Target

NEAS.470f3486913ba83fe5a5bc245bf5c450.exe
Size

36KB
MD5

470f3486913ba83fe5a5bc245bf5c450
SHA1

1bc866615cbb1d77c672181f497e9506402332db
SHA256

c786de87d32569033e53c18100a658df51003fe159376d1bfaf839c85739ef98
SHA512

bc75d53a54dcffa059981a4f7287ecfdc46d0c0a2bf1d60cca845b9fe12e7098469b70fe42e8c54425212200ce9a37290741847b30e10bc19a1d9371605cd259
SSDEEP

768:cLVpe+RIyVPIwYe7A0IW9+6IwYe7aYFdXDpfx:kVg2IyVPPYe7AM46PYe7aYFxpfx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.470f3486913ba83fe5a5bc245bf5c450.exe

Files

NEAS.470f3486913ba83fe5a5bc245bf5c450.exe
.exe windows:4 windows x86

5454eaf264e4265dcda6c61e7288dd0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW
CompareStringW
GetModuleHandleW
GetFullPathNameW
GetStringTypeW
lstrcpynW
GetCurrentProcess
lstrcmpA
GetProcAddress
TlsGetValue
OpenMutexA
GetPrivateProfileSectionA
WaitForSingleObjectEx
FoldStringW
WriteConsoleA
GetPrivateProfileSectionA
HeapAlloc
FileTimeToSystemTime
InterlockedDecrement
CopyFileW
DeviceIoControl
ReplaceFileA
FindNextVolumeW
QueryDosDeviceA
GetSystemTime
SetEnvironmentVariableA
GetLocalTime
GetDiskFreeSpaceA
SearchPathA
IsValidCodePage
GetShortPathNameA
GetTickCount
GetVolumePathNameA
GetPrivateProfileSectionA
SetErrorMode
GetProcessHeap
FindFirstVolumeW

cryptdll

MD5Final
MD5Init
CDLocateRng
CDBuildVect
MD5Update

user32

GetClassInfoA
CharToOemA
GetMessageW
EnumDesktopsA
GetCaretPos
IsDialogMessageA
wsprintfA
DispatchMessageA
SetFocus
PostMessageW
DrawIcon
DrawTextA
LoadCursorA
CreateDesktopA
DialogBoxParamW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5454eaf264e4265dcda6c61e7288dd0a

Headers

File Characteristics

Imports

kernel32

cryptdll

user32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 10KB