NEAS[.]39a0128feeccaf6df0c2a68a1d2a1b70[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.39a0128feeccaf6df0c2a68a1d2a1b70.exe
Size

676KB
MD5

39a0128feeccaf6df0c2a68a1d2a1b70
SHA1

fe589d5b471241c39cd384a96c923ba0d86437a6
SHA256

6c6ce1412d2d50f92b2ad237859da0eda3604418c504fe184577b82da7a72978
SHA512

90f7d4bb51621f3ea916fa3f02c3351538c1c991cbf013d832b11d06cb5408403b64aafb61a0a5ba4399ac01a7437b09985f9c27c1c4c14ea9ca200d5b8bca34
SSDEEP

12288:ZMVHnn7aLGVMIUzQYKFLs3qlwRsd0yeFZAWOB2Y:An7aLG+IUug0wCd0dZS2Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.39a0128feeccaf6df0c2a68a1d2a1b70.exe

Files

NEAS.39a0128feeccaf6df0c2a68a1d2a1b70.exe
.exe windows:6 windows x86

3776e02afc74d35d53cfa4e911ec12a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
SetEnvironmentVariableW
CreateDirectoryW
ContinueDebugEvent
WaitForDebugEvent
CloseHandle
GetCurrentProcess
CreateProcessW
GetVersionExW
IsWow64Process
GetLastError
VirtualQueryEx
ReadProcessMemory
GetModuleHandleA
GetProcAddress
CreateFileW
GetCurrentProcessId
GetCurrentThreadId
FreeLibrary
LoadLibraryW
GetCurrentDirectoryW
GetFileAttributesW
GetTempFileNameW
GetTempPathW
SetLastError
WaitForSingleObject
GetExitCodeProcess
GetNativeSystemInfo
LocalFree
FormatMessageA
SetEndOfFile
WriteConsoleW
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
RaiseException
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
GetCPInfo
HeapAlloc
DeleteFileW
FatalAppExitA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
CreateSemaphoreW
IsProcessorFeaturePresent
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
IsDebuggerPresent
GetCurrentThread
GetProcessHeap
GetStdHandle
GetFileType
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
GetTimeZoneInformation
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
SetFilePointerEx
HeapReAlloc
SetConsoleCtrlHandler
LoadLibraryExW
OutputDebugStringW
SetStdHandle
SetEnvironmentVariableA

user32

wsprintfW

Sections

.text
Size: 544KB - Virtual size: 543KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3776e02afc74d35d53cfa4e911ec12a0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 544KB - Virtual size: 543KB

.rdata Size: 90KB - Virtual size: 89KB

.data Size: 13KB - Virtual size: 23KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 23KB - Virtual size: 22KB

.text
Size: 544KB - Virtual size: 543KB

.rdata
Size: 90KB - Virtual size: 89KB

.data
Size: 13KB - Virtual size: 23KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 23KB - Virtual size: 22KB