NEAS[.]62db7e0cae246638368bb1258a5e4260[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.62db7e0cae246638368bb1258a5e4260.exe
Size

456KB
MD5

62db7e0cae246638368bb1258a5e4260
SHA1

bc2ddee5a2463b173fc0a602cac6effce23faa83
SHA256

26818987510c7a8f8d4e5de684feeced12f6efd0e7f55c09cba9971238f26080
SHA512

3d18b9cbe68146c7d579a265f496effb20614496542d6e7d1a4f613a4705e8435f92ce21e626480babdf7fb8ae3e3a42d1d63e2039ca7f774ee30d1c9d8ca6f3
SSDEEP

12288:Cb1iCYrs1tgC7Z1Z3Fn7xSSCrJIJb1KM/:Cb1iJrs1tgC7fZ1n7xSSCrGOQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.62db7e0cae246638368bb1258a5e4260.exe

Files

NEAS.62db7e0cae246638368bb1258a5e4260.exe
.dll windows:4 windows x64

f3547b0be248dee59a8d14a51ac4e17f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
CloseHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetPrivateProfileIntA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Sleep
RtlVirtualUnwind
RtlPcToFileHeader
RaiseException
SetLastError
TlsFree
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
DeleteCriticalSection
WritePrivateProfileStringA
GetTickCount
EnterCriticalSection
LeaveCriticalSection
FormatMessageA
LoadLibraryA
GetThreadLocale
GetLastError
HeapFree
HeapReAlloc
HeapAlloc
RtlLookupFunctionEntry
RtlUnwindEx
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapSetInformation
HeapCreate
HeapDestroy
HeapSize
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext

user32

RegisterClassA
RegisterWindowMessageA
ReleaseCapture
SetCapture
DefWindowProcA
SetWindowLongA
GetClassNameA
BeginPaint
GetWindow
EndPaint
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
EnumChildWindows
InvalidateRgn
GetDlgItemTextA
SendDlgItemMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetClientRect
SetWindowPos
WindowFromPoint
wsprintfA
SetTimer
SetWindowLongPtrA
GetWindowLongPtrA
UnregisterClassA
LoadMenuA
GetCursorPos
ClientToScreen
GetSubMenu
CheckMenuItem
EnableMenuItem
GetFocus
TrackPopupMenu
DestroyMenu
ShowWindow
LoadCursorA
SetCursor
GetSysColor
OffsetRect
GetDlgItem
SendMessageA
InvalidateRect
GetAsyncKeyState
CheckDlgButton
DialogBoxParamA
CreateDialogParamA
DestroyWindow
PostMessageA
GetWindowLongA
IsWindowVisible
GetParent
GetWindowRect
ScreenToClient

gdi32

BitBlt
CreateSolidBrush
FillRgn
RectInRegion
CreateRectRgnIndirect
CombineRgn
DeleteObject
CreateFontIndirectA

Exports

Exports

VSTPluginMain

Sections

.text
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3547b0be248dee59a8d14a51ac4e17f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 309KB - Virtual size: 308KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 10KB - Virtual size: 28KB

.pdata Size: 7KB - Virtual size: 7KB

.data1 Size: 5KB - Virtual size: 5KB

.trace Size: 10KB - Virtual size: 10KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 309KB - Virtual size: 308KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 10KB - Virtual size: 28KB

.pdata
Size: 7KB - Virtual size: 7KB

.data1
Size: 5KB - Virtual size: 5KB

.trace
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 6KB