Static task: static1
Behavioral task: behavioral1
Sample: NEAS.bfd52eb0cf4b40882cbf1981d94a5ad0.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: NEAS.bfd52eb0cf4b40882cbf1981d94a5ad0.exe
Resource: win10v2004-20231025-en
General
Target: NEAS.bfd52eb0cf4b40882cbf1981d94a5ad0.exe
Size: 1.7MB
MD5: bfd52eb0cf4b40882cbf1981d94a5ad0
SHA1: d12744b62a215975f5d369ddf3ff41c94a88c9af
SHA256: be5d50c327c3545a7c38e1cd3c37b057b1a7239e5c02fbb62ebd7dfd635960b4
SHA512: 26dab3b8e84ee69ee8b679d277848f3c014f0d241ef2b86975df950c6e81ddf55c26ad7da7b1a4cb6046d1e3c2a21070507327e04f0eca2b2a6e1a942004111b
SSDEEP: 49152:WjZdthRSV9cHT8GmVv0h5Jknjwe743cKQm5Et8AGVudMBOy366tsbV7g:Y5SV9cHT8nv0hQwe743cK95yGVudaOyk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.bfd52eb0cf4b40882cbf1981d94a5ad0.exe
Files
NEAS.bfd52eb0cf4b40882cbf1981d94a5ad0.exe.exe windows:5 windows x86
b2c4de99ae1d29c657302d4e5543d9ec
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileW
GlobalFree
WideCharToMultiByte
DeactivateActCtx
LoadLibraryW
ActivateActCtx
ReadFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
ReleaseActCtx
FreeLibrary
CompareStringW
GetCurrentProcessId
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalGetAtomNameW
lstrcmpA
FileTimeToSystemTime
GetFileAttributesExW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
lstrcmpW
GlobalFlags
GlobalAddAtomW
SetThreadPriority
ResumeThread
GetLocaleInfoW
GetUserDefaultUILanguage
GlobalDeleteAtom
GetVersionExW
GlobalFindAtomW
FreeResource
lstrcpyW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetNumberFormatW
GetTempFileNameW
GetTempPathW
GetTickCount
GetProfileIntW
SearchPathW
VirtualProtect
FindResourceExW
EncodePointer
DecodePointer
HeapSetInformation
GetStartupInfoW
RtlUnwind
HeapQueryInformation
HeapSize
ExitThread
ExitProcess
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
WriteConsoleW
SetEnvironmentVariableA
RaiseException
GetPrivateProfileStringW
GetPrivateProfileIntW
WriteFile
SetFilePointer
CreateFileW
GetEnvironmentVariableW
FindResourceW
LoadResource
LockResource
SizeofResource
GetSystemDefaultLCID
lstrlenA
MultiByteToWideChar
GetModuleFileNameW
GetModuleHandleW
lstrcmpiW
GetCommandLineW
LoadLibraryA
GetProcAddress
InitializeCriticalSectionAndSpinCount
CreateThread
CreateEventW
CloseHandle
SetEvent
lstrlenW
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
Sleep
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
LocalFree
SetLastError
FormatMessageW
HeapReAlloc
HeapFree
GetLastError
HeapAlloc
HeapCreate
GetSystemTimeAsFileTime
user32
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
SetRectEmpty
SystemParametersInfoW
EnumDisplayMonitors
SetLayeredWindowAttributes
SetCursor
ShowOwnedPopups
DeleteMenu
InvalidateRect
SetTimer
KillTimer
GetMenuItemInfoW
DestroyMenu
RedrawWindow
GetMenuDefaultItem
CreatePopupMenu
IsRectEmpty
MapVirtualKeyW
SetCapture
GetAsyncKeyState
ReleaseCapture
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
MessageBeep
OffsetRect
GetIconInfo
CopyImage
LoadImageW
GetNextDlgGroupItem
DrawIconEx
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
WindowFromPoint
SetClassLongW
LoadMenuW
GetSystemMenu
DrawStateW
DrawEdge
DrawFrameControl
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetKeyNameTextW
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
IsCharLowerW
MapVirtualKeyExW
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
TranslateAcceleratorW
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
WaitMessage
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
GetWindowRgn
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
IntersectRect
UpdateWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
SetForegroundWindow
IsIconic
PostMessageW
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongW
IsWindow
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
GetScrollPos
SetScrollPos
SetFocus
SetWindowsHookExW
CallNextHookEx
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
DestroyIcon
GetFocus
GetDesktopWindow
RealChildWindowFromPoint
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnhookWindowsHookEx
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
CharUpperW
GetSystemMetrics
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
PostThreadMessageW
CharNextW
GetMessageW
DispatchMessageW
InflateRect
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
ShowScrollBar
MonitorFromWindow
GetMenu
advapi32
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
ole32
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoInitialize
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
StringFromGUID2
CoUninitialize
CoRevokeClassObject
CoResumeClassObjects
CoRegisterClassObject
CoInitializeSecurity
CoInitializeEx
CoSuspendClassObjects
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoTaskMemFree
CoCreateGuid
oleaut32
SafeArrayRedim
VariantChangeType
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayCreate
VariantInit
VariantCopy
VariantClear
VariantCopyInd
SafeArrayUnaccessData
SafeArrayAccessData
VarBstrCat
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDate
SysAllocStringByteLen
SysAllocStringLen
LoadTypeLib
LoadRegTypeLib
RegisterTypeLib
UnRegisterTypeLib
SysStringLen
SysAllocString
SysFreeString
SysStringByteLen
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecW
atl100
ord23
ord25
ord61
ord32
ord64
ord68
ord56
ord49
ord17
ord20
ord30
ord58
ord31
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipDrawImageI
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipFree
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
gdi32
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
CopyMetaFileW
CreateDCW
DeleteObject
SaveDC
RestoreDC
SetBkColor
SetBkMode
EnumFontFamiliesW
GetTextMetricsW
CreateCompatibleBitmap
CreateDIBitmap
DPtoLP
PatBlt
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectW
CreateHatchBrush
CreateSolidBrush
SetROP2
SetTextColor
SetMapMode
ExcludeClipRect
CreatePen
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetObjectW
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetBkColor
GetTextExtentPoint32W
GetObjectType
GetClipBox
GetTextCharsetInfo
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
SetPolyFillMode
GetDeviceCaps
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetTextFaceW
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
Rectangle
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
comdlg32
GetFileTitleW
shell32
SHGetPathFromIDListW
SHAppBarMessage
DragQueryFileW
DragFinish
SHBrowseForFolderW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteW
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 293KB - Virtual size: 293KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 173KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ