NEAS[.]516b3b9bec193786a11cc0f24f8fec60[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.516b3b9bec193786a11cc0f24f8fec60.exe
Size

144KB
MD5

516b3b9bec193786a11cc0f24f8fec60
SHA1

c2f59ef95991745b3c55a922b70a3ad9722a42f0
SHA256

94f2511f1edbbb923b18011c5ffb9b664d1cfa51c0ce42a7e1cb6d4999036031
SHA512

2753dd61c3c88cfe3df4c624fdad988f3c5b370692a07af8ad6517cd131571565fc6555be6f80a2bd8a12d1da95180377d7a03b96d2deb7e7c92acea6383fe0b
SSDEEP

1536:OihQxmjLGoPnCsiUlqQQ1iO4GjCF5vo/kansyShotf5hKk0dG5ZgxgP8gOf7O:OiucjCoPCie1CGjCF5voZnvtf53of7O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.516b3b9bec193786a11cc0f24f8fec60.exe

Files

NEAS.516b3b9bec193786a11cc0f24f8fec60.exe
.dll windows:4 windows x86

ebbf02c577963d6e270712d63fd2c86f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadWritePtr
GetTickCount
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetProcAddress
GlobalSize
GlobalLock
GlobalUnlock
HeapAlloc
HeapDestroy
HeapCreate
MulDiv
IsBadCodePtr
HeapFree
GetProcessHeap
GetVersionExA
WideCharToMultiByte
GetCPInfo
MultiByteToWideChar
GlobalFree
GlobalAlloc

user32

GetClientRect
UpdateWindow
SetFocus
IsWindowUnicode
GetWindowLongA
GetSystemMetrics
GetDoubleClickTime
GetMessageTime
SetTimer
KillTimer
SystemParametersInfoA
GetUpdateRect
DefWindowProcW
DefWindowProcA
SendMessageW
IntersectRect
GetKeyboardLayout
RegisterClassA
RegisterClassW
GetFocus
ShowScrollBar
BeginPaint
EndPaint
SetScrollInfo
GetScrollInfo
ScrollWindow
GetKeyState
GetCursorPos
SetCursor
PtInRect
UnregisterClassW
UnregisterClassA
DestroyCaret
CreateCaret
GetSysColor
GetSysColorBrush
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCaretPos
SendMessageA
IsClipboardFormatAvailable
MessageBeep
GetWindowRect
GetParent
ScreenToClient
GetDC
ReleaseDC
FillRect
CharUpperA
LoadImageA
LoadCursorA
RegisterClipboardFormatA
InvalidateRect
SetCapture
ReleaseCapture
ShowCaret
HideCaret
GetClipboardData

gdi32

DeleteObject
DeleteDC
SelectObject
CreateDIBSection
GetDeviceCaps
BitBlt
CreateCompatibleDC
LineTo
MoveToEx
SetROP2
GetTextExtentPoint32W
GetBkMode
ExtTextOutA
ExtTextOutW
TextOutA
TextOutW
CreateSolidBrush
SetBkMode
SetBkColor
SetTextColor
CreateFontIndirectA
CreateFontIndirectW
GetObjectA
GetTextMetricsA
GetStockObject
GetObjectW
GetTextMetricsW
CreateRectRgn
CreateCompatibleBitmap
CreatePen

ole32

OleUninitialize
DoDragDrop
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
OleInitialize

imm32

ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow
ImmNotifyIME
ImmEscapeW
ImmGetCompositionStringW
ImmSetCompositionFontW
ImmSetCompositionFontA
ImmSetCompositionWindow

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebbf02c577963d6e270712d63fd2c86f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

imm32

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 188B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 188B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 2KB