NEAS[.]4e81c5137f62c65ae04051cb4c4311d0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4e81c5137f62c65ae04051cb4c4311d0.exe
Size

1.7MB
MD5

4e81c5137f62c65ae04051cb4c4311d0
SHA1

69124f703212ff3d33d6c6e37f223e91eb837cf6
SHA256

2ec0404511b80a23955b10ee8783ebbd6a92120e3b7c6c4da5be7ec10d43521d
SHA512

9888c4e93f042a4a5298cf6cc69b6523d9fff613f71d0ccd0c1a7db6b630884c7719a6226755813dc990bd4ae781a88f3a5b86964d9203b7c12c4b6564eca078
SSDEEP

24576:C8nSsIY1VbEMxlc7nUgT4/Tfmhb5Y0HcG8q:TRIY1VbX4rE/T+hb5z8Gn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4e81c5137f62c65ae04051cb4c4311d0.exe

Files

NEAS.4e81c5137f62c65ae04051cb4c4311d0.exe
.dll windows:6 windows x86

899e7fd26f70cf4d014195a10f754f30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

qt5core

?qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
?qt_metacast@QObject@@UAEPAXPBD@Z
?qUnregisterResourceData@@YA_NHPBE00@Z
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?staticMetaObject@QObject@@2UQMetaObject@@B
?shared_null@QListData@@2UData@1@B
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
??0QFactoryInterface@@QAE@XZ
??0QString@@QAE@ABV0@@Z
??1QFactoryInterface@@UAE@XZ
??1QObject@@UAE@XZ
??0QObject@@QAE@PAV0@@Z
?end@QListData@@QBEPAPAXXZ
?begin@QListData@@QBEPAPAXXZ
?append@QListData@@QAEPAPAXXZ
?dispose@QListData@@SAXPAUData@1@@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?detach@QListData@@QAEPAUData@1@H@Z
?fromAscii_helper@QString@@CAPAU?$QTypedArrayData@G@@PBDH@Z
??1QString@@QAE@XZ
?qRegisterResourceData@@YA_NHPBE00@Z

vcruntime140

__vcrt_InitializeCriticalSectionEx
_purecall
__std_type_info_destroy_list
_CxxThrowException
__CxxFrameHandler3
__std_terminate
__std_exception_copy
__std_exception_destroy
memset
_except_handler4_common

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e

kernel32

EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
CloseHandle

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

899e7fd26f70cf4d014195a10f754f30

Headers

DLL Characteristics

File Characteristics

Imports

qt5core

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1.7MB - Virtual size: 1.7MB

.data Size: 512B - Virtual size: 1KB

.qtmetad Size: 512B - Virtual size: 168B

.gfids Size: 512B - Virtual size: 76B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 512B - Virtual size: 1KB

.qtmetad
Size: 512B - Virtual size: 168B

.gfids
Size: 512B - Virtual size: 76B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB