NEAS[.]bfc1e3f4db39804dc86ad6d235844550[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.bfc1e3f4db39804dc86ad6d235844550.exe
Size

356KB
MD5

bfc1e3f4db39804dc86ad6d235844550
SHA1

11ee5fc9345ab1e6d3a9b52c7ee162f274a5e43b
SHA256

cc58a0688814cde742f4306fa4136bb4e5d315823ecbc7c3656e32934d2d74bb
SHA512

08823c5be467db51edb9ae446e6fcab1c3f22df509985bce63e8fb9e0c7e67f0c187b4ba6ed11de958e88a179cea99bbfb0dd8466b432318fb5880fb728cf0ac
SSDEEP

6144:D89KW0ap+KgnZm3Xk1SbeKKc4ntEvBO3MQIz:DxkFA+XkIphz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.bfc1e3f4db39804dc86ad6d235844550.exe

Files

NEAS.bfc1e3f4db39804dc86ad6d235844550.exe
.dll windows:4 windows x86

1b878656606b7655bf67252629618d6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
TerminateProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
ExitThread
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
SetStdHandle
LCMapStringA
LCMapStringW
HeapReAlloc
ExitProcess
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
GetCurrentProcess
FlushFileBuffers
SetFilePointer
ReadFile
WritePrivateProfileStringW
InterlockedIncrement
GlobalFlags
lstrcmpiW
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetProfileIntW
GetCurrentThread
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
LoadLibraryW
GetLocaleInfoW
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
InterlockedDecrement
SetLastError
CopyFileW
GlobalSize
FormatMessageW
lstrcpynW
LocalFree
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrlenW
lstrcmpW
GetProcAddress
GetVersionExA
GlobalAlloc
GlobalFree
MulDiv
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalLock
GlobalUnlock
GetModuleHandleW
lstrlenA
GetLastError
GetTempPathW
lstrcatW
CreateDirectoryW
lstrcpyW
CreateFileW
WriteFile
SetEndOfFile
CloseHandle
GetPrivateProfileStringW
ResumeThread
SetThreadPriority
GetSystemDefaultLangID
GetCurrentProcessId
GetTickCount
Sleep
TerminateThread
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
QueryPerformanceCounter
InterlockedExchange

user32

LoadCursorW
GetSysColorBrush
DestroyMenu
IsClipboardFormatAvailable
InflateRect
SetCursor
PostQuitMessage
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
SetMenuItemBitmaps
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
PeekMessageW
MapWindowPoints
MessageBoxW
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
ScreenToClient
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
GetWindow
ReleaseCapture
SetCapture
InvalidateRect
GetWindowRgn
SetWindowRgn
OffsetRect
CallNextHookEx
RedrawWindow
DrawIcon
FillRect
UnregisterClassW
UnhookWindowsHookEx
SetWindowsHookExW
GetKeyState
PostThreadMessageW
EnumWindows
GetParent
GetWindowThreadProcessId
EndDialog
GetSystemMetrics
GetClientRect
PostMessageW
PtInRect
GetSysColor
wsprintfW
KillTimer
LoadBitmapW
EnableWindow
SetTimer
GetWindowRect
SendMessageW
SetPropW

gdi32

CreateBitmap
SetMapMode
RestoreDC
SaveDC
CopyMetaFileW
SetBkColor
GetClipBox
SetBkMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
RectVisible
PtVisible
CreateSolidBrush
SelectObject
GetTextMetricsW
SetTextColor
SetTextAlign
TextOutW
SelectClipRgn
PtInRegion
GetRgnBox
CreateCompatibleBitmap
CombineRgn
OffsetRgn
FillRgn
CreateDCW
GetDeviceCaps
DeleteDC
GetObjectW
GetStockObject
CreateRoundRectRgn
BitBlt
CreateCompatibleDC
CreateFontIndirectW
CreateRectRgn
DeleteObject

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

comctl32

ord17
ImageList_Destroy

shlwapi

PathFindFileNameW
PathFileExistsW
PathFindExtensionW

ole32

CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard

oleaut32

VariantInit
VariantChangeType
VariantClear

Exports

Exports

Pinpad_CreateKey
Pinpad_CreateKeyEx
Pinpad_GetKeyInfo
Pinpad_Indicator
Pinpad_ShowDialog

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b878656606b7655bf67252629618d6e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 112KB - Virtual size: 109KB

.reloc Size: 32KB - Virtual size: 31KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 112KB - Virtual size: 109KB

.reloc
Size: 32KB - Virtual size: 31KB