NEAS[.]5c76be7c32f33738e318e15fcd8936d0[.]exe

General

Target

NEAS.5c76be7c32f33738e318e15fcd8936d0.exe
Size

154KB
MD5

5c76be7c32f33738e318e15fcd8936d0
SHA1

40c859b8fa0340655b2ce0cb250d86cd51b46232
SHA256

3e1ca8f0f441320f5b109819938acf8f330ed59a1d68b95ab2b74ba158b58bb1
SHA512

b1a498794c5ed5ff820d4e78297bb62fa9a6af3857ccd721626e9a2fe9a47abd79ee30343239fc6967502f02e29ad557fafc8eb010840c448ee5251709057b1f
SSDEEP

3072:8Wxo3SwJtRbSMZ+gYruYCmoiVihplJdI+XBJ7jcmkI:3o3Sez8XihplR72I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.5c76be7c32f33738e318e15fcd8936d0.exe

Files

NEAS.5c76be7c32f33738e318e15fcd8936d0.exe
.dll windows:10 windows x86

23661dad275ceb441155f49be69f86a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

tolower
strncmp
isspace
atol
_XcptFilter
_vsnprintf
_amsg_exit
free
malloc
_initterm
_except_handler4_common
memcpy
memset

kernel32

TerminateProcess
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
_lclose
_lread
GetSystemDirectoryA
OpenFile

user32

GetWindowRect
LoadStringA
EndDialog
DialogBoxParamA
OemToCharBuffA
SetWindowLongA
MapWindowPoints
GetWindowLongA
MessageBoxA
MoveWindow
SendDlgItemMessageA
GetClientRect
GetDesktopWindow
GetParent

Exports

Exports

ConfigTranslator
ConfigureDlgProc
SQLDataSourceToDriver
SQLDriverToDataSource

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23661dad275ceb441155f49be69f86a5

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 9KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 141KB - Virtual size: 140KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 9KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 141KB - Virtual size: 140KB