NEAS[.]9745a65e5a31dde441dfd47ce2cb3d20[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9745a65e5a31dde441dfd47ce2cb3d20.exe
Size

4.9MB
MD5

9745a65e5a31dde441dfd47ce2cb3d20
SHA1

00a0b3d8a92525c43d1b7fa80034e0bd2d0f40e2
SHA256

4cd630a4c1c682cbacbbc0e441c74ebc62168b5ef91c440dc25ed4ff09209132
SHA512

7a03cefa4edaaa2f205bdd528418ea03d3303998aa92ee76f0675ebbfb66b1be5680e03009fd2bd24bd9511e724196a1fc6bcaf317bcdb61dc250f7e5323676f
SSDEEP

98304:8omx8J155nRQchNb6VZBs5WDdly9DHBnBlO8DrPEJa/3:QxMxnRv+Vzstn3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9745a65e5a31dde441dfd47ce2cb3d20.exe

Files

NEAS.9745a65e5a31dde441dfd47ce2cb3d20.exe
.exe windows:4 windows x86

2841b4ecdeff904b0d0843f2141e9ae9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum

comctl32

InitCommonControlsEx

kernel32

LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
GetStartupInfoA
CloseHandle
CompareStringA
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteCriticalSection
DeleteFileA
DosDateTimeToFileTime
EnumCalendarInfoA
EnumResourceNamesA
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FatalAppExitA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FormatMessageA
FreeResource
GetACP
GetComputerNameA
GetCPInfo
GetCurrentDirectoryA
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocalTime
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetProfileStringA
GetShortPathNameA
GetStdHandle
GetStringTypeExA
GetSystemDirectoryA
GetSystemInfo
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetCurrentProcessId
GetVersion
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
LoadLibraryExA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
MoveFileA
MultiByteToWideChar
OpenFileMappingA
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryA
ResetEvent
ResumeThread
SearchPathA
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetLastError
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
SuspendThread
TerminateThread
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryA
GetProcAddress
GetCommandLineW
GetConsoleMode
MulDiv
GetUserDefaultLCID

user32

EnumThreadWindows
EnumWindows
EqualRect
FillRect
FindWindowA
FrameRect
GetCapture
GetClassInfoA
GetClassNameA
GetClipboardData
GetClipboardFormatNameA
GetCursorPos
GetDCEx
GetDesktopWindow
GetDlgItem
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyboardLayoutList
GetKeyboardState
GetKeyNameTextA
GetKeyState
GetLastActivePopup
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessagePos
GetMessageTime
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
LockWindowUpdate
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
DefFrameProcA
OemToCharBuffA
EnableWindow
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollDC
ScrollWindow
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoA
ToAscii
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WaitMessage
WindowFromPoint
WinHelpA
VkKeyScanA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
CopyImage
CloseClipboard
ClientToScreen
CheckMenuItem
CharUpperBuffA
CharToOemBuffA
CharToOemA
CharNextA
OemToCharA
EndDeferWindowPos
GetClientRect
SendMessageW
CreateWindowExW
EnableScrollBar
EnableMenuItem
DrawTextW
DrawTextA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
OffsetRect
DefMDIChildProcA
CharLowerBuffA
CharLowerA
CallWindowProcA
CallNextHookEx
BeginPaint
BeginDeferWindowPos
AdjustWindowRectEx
ActivateKeyboardLayout
GetActiveWindow
GetKeyboardType
GetDialogBaseUnits
SystemParametersInfoW
EndPaint

gdi32

CreateFontIndirectW

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegFlushKey
RegCloseKey

shell32

CommandLineToArgvW

ole32

CoUninitialize
CoInitialize

oleaut32

VariantCopyInd
VariantClear
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayCreate
SafeArrayAccessData
GetErrorInfo
GetActiveObject
VariantInit

msvcrt

_XcptFilter
_exit
_except_handler3
__getmainargs
_initterm
__setusermatherr
exit
__p__commode
__p__fmode
__set_app_type
_controlfp
_adjust_fdiv
_acmdln

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.atls1
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

bl10282
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2841b4ecdeff904b0d0843f2141e9ae9

Headers

File Characteristics

Imports

mpr

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 4.0MB

.atls1 Size: 8KB - Virtual size: 4KB

.rsrc Size: 800KB - Virtual size: 796KB

bl10282 Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4.0MB

.atls1
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 800KB - Virtual size: 796KB

bl10282
Size: 1.8MB - Virtual size: 1.8MB