Static task: static1
Behavioral task: behavioral1
Sample: NEAS.ab4cc855db1953ac41ea34eb4aca36d0.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: NEAS.ab4cc855db1953ac41ea34eb4aca36d0.exe
Resource: win10v2004-20231020-en
General
Target: NEAS.ab4cc855db1953ac41ea34eb4aca36d0.exe
Size: 704KB
MD5: ab4cc855db1953ac41ea34eb4aca36d0
SHA1: b3a9170084ef8e154ab76a4f377b631987447255
SHA256: 03115b956a4f2104cab047d210b0f5fb1dff21aa9fac52b011c6b78948f0bed6
SHA512: 62fcade40103e88be68b6079d5e968958606fe205e74f1e3b8841b0940b2da5b84415b0e4d4a8ada81a693eaa71bcd7fe82c5a10951c3e7d876e615f20449798
SSDEEP: 12288:VxeD4r4reBH7GfC+qMZ/iHJVI3cruD5HRXQ5:veD7reBH7GfC+qMZ/ipVTSD5H6
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: NEAS.ab4cc855db1953ac41ea34eb4aca36d0.exe
Files
NEAS.ab4cc855db1953ac41ea34eb4aca36d0.exe.exe windows:4 windows x86
9758b826976d2e77443631836dd2e103
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetExitCodeProcess
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStartupInfoA
RaiseException
GetProfileStringA
HeapAlloc
HeapFree
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
WritePrivateProfileStringA
GetFileTime
GetFileAttributesA
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
GetCurrentThread
lstrcmpA
lstrcpynA
WideCharToMultiByte
InterlockedIncrement
MulDiv
SetLastError
InterlockedDecrement
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
FindFirstFileA
FindNextFileA
FindClose
GetPrivateProfileStringA
GetPrivateProfileIntA
LoadLibraryW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
TerminateProcess
OpenProcess
SetCurrentDirectoryA
OpenFileMappingA
CreateFileMappingA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CreateThread
CreateJobObjectA
SetInformationJobObject
CreateProcessA
AssignProcessToJobObject
ResumeThread
WaitForSingleObject
GetACP
GetModuleFileNameA
CreateMutexA
CreateToolhelp32Snapshot
Process32First
Process32Next
GetSystemDirectoryA
MultiByteToWideChar
GetFileSize
ReadFile
ExitProcess
UnmapViewOfFile
InterlockedExchange
MapViewOfFile
LocalFree
GetCurrentProcess
SetPriorityClass
DeviceIoControl
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentDirectoryA
DeleteFileA
FindResourceA
SizeofResource
LoadResource
LockResource
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
GetModuleHandleA
CreateFileA
WriteFile
CloseHandle
GetLastError
GetTickCount
OutputDebugStringA
Sleep
GetEnvironmentStringsW
user32
SetDlgItemInt
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
wvsprintfA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
ValidateRect
TranslateMessage
GetMessageA
SetRectEmpty
PostQuitMessage
CharUpperA
GetClassNameA
GetDesktopWindow
LoadCursorA
ReleaseCapture
SetCapture
GetDCEx
LockWindowUpdate
SetParent
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
TrackPopupMenu
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
GetDlgItemTextA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
IntersectRect
GetWindowPlacement
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
SetWindowLongA
IsWindow
OpenClipboard
ExitWindowsEx
EmptyClipboard
SetClipboardData
CloseClipboard
SetActiveWindow
BringWindowToTop
GetDlgItem
IsIconic
DrawIcon
RegisterHotKey
LoadIconA
FindWindowExA
EnumWindows
EnumChildWindows
GetWindowThreadProcessId
GetWindowTextA
LoadBitmapA
KillTimer
PtInRect
GetCursorPos
SetTimer
DeleteMenu
RemoveMenu
GetSysColorBrush
GetMenuStringA
CreatePopupMenu
CreateMenu
GetMenuItemID
GetMenuItemCount
GetMenuState
ModifyMenuA
EnableWindow
LoadStringA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
CharNextA
InsertMenuA
AppendMenuA
GetSystemMetrics
DrawTextA
DrawIconEx
DrawEdge
SystemParametersInfoA
GetMenuItemInfoA
MessageBoxA
FrameRect
LoadMenuA
LoadImageA
GetIconInfo
CreateIconIndirect
GetDC
ReleaseDC
GetSysColor
FillRect
DrawStateA
OffsetRect
GetClientRect
DrawFocusRect
InflateRect
CopyRect
GetWindowRect
GetDlgItemInt
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
CallWindowProcA
PeekMessageA
GetSubMenu
TrackPopupMenuEx
PostMessageA
WindowFromPoint
GetActiveWindow
ClientToScreen
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
MessageBeep
SendMessageA
IsWindowUnicode
SetRect
GetWindowTextLengthA
gdi32
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
CreateRectRgn
SelectClipRgn
GetDeviceCaps
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateRectRgnIndirect
SetRectRgn
CombineRgn
StretchDIBits
GetCharWidthA
CreateFontA
GetTextMetricsA
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
PatBlt
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
GetBkMode
CreateFontIndirectA
CreateSolidBrush
CreatePen
CreateDIBSection
GetObjectA
GetPixel
SetPixel
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetTextExtentPointA
CreateDIBitmap
DeleteObject
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
ControlService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
StartServiceA
CreateServiceA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegCloseKey
RegQueryValueExA
RegOpenKeyA
GetUserNameA
LookupAccountSidA
GetTokenInformation
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
DeleteService
shell32
Shell_NotifyIconA
ShellExecuteA
ShellExecuteExA
comctl32
ImageList_Draw
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIconSize
ord17
ImageList_Destroy
ImageList_Create
_TrackMouseEvent
winmm
PlaySoundA
gdiplus
GdipGetImageWidth
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromFileICM
GdipGetImageHeight
GdipDrawImageRectI
GdipReleaseDC
GdipDeleteGraphics
GdipCreateFromHDC
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromFile
GdipFree
wsock32
htons
socket
WSACleanup
WSAStartup
closesocket
shutdown
send
gethostname
recv
__WSAFDIsSet
select
connect
gethostbyname
wininet
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
Sections
.text Size: 292KB - Virtual size: 290KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 304KB - Virtual size: 303KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE