NEAS[.]967aad31300f5fb4deae15567dbeaaa0[.]exe

General

Target

NEAS.967aad31300f5fb4deae15567dbeaaa0.exe
Size

48KB
MD5

967aad31300f5fb4deae15567dbeaaa0
SHA1

5d19ec3953de55e059d9375e59d0c8157c8265cd
SHA256

3897a58e1ab6bf66f89917b406c62e19d1902dc1eb6e67e48a28b43e92f40d89
SHA512

4952b431c8c449fe397689a2aa9243a5461e60c2b9efcd724d0486e311aab1f57ece0e0720ad5b0beed15d5318dbb1df73cf5d824dfeca473e210089de35b46d
SSDEEP

384:mZzk7qTfliKRlS9CL/5sqL73GEMzd3jyefFrriUmuzrid+cA/8oSedAEe97:1GT9iKPV5sqLy1j1FnbmCH/8oS+eF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.967aad31300f5fb4deae15567dbeaaa0.exe

Files

NEAS.967aad31300f5fb4deae15567dbeaaa0.exe
.dll windows:4 windows x86

079754edd4a26ee5977a8f9e825e2d19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

UnhookWindowsHookEx
SetWindowPos
SetWindowsHookExA
CallNextHookEx

kernel32

HeapFree
WriteFile
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
MultiByteToWideChar
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Exports

Exports

_FreeHook@0
_SetHook@4

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shareda
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

079754edd4a26ee5977a8f9e825e2d19

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 12KB

.shareda Size: 4KB - Virtual size: 4B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 12KB

.shareda
Size: 4KB - Virtual size: 4B

.reloc
Size: 4KB - Virtual size: 3KB