NEAS[.]e093c98725443e69f04a88d4221c75a0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.e093c98725443e69f04a88d4221c75a0.exe
Size

3.2MB
MD5

e093c98725443e69f04a88d4221c75a0
SHA1

77ff30a19e5c42407a90e0996a4f3dae214583a0
SHA256

ef6c5697ddaeb7613f846513a6c4f8cc82e1bd585305329f9c3e2d5a9c34c3b4
SHA512

8ae4edcd5bb14a459805e1497701a4b23661ac10253d70a9326e9733eada3978b87ce0304dc7d50583050fbf08eeaf9464c7fd52ac2440afa11b116c3ebf8f76
SSDEEP

98304:B0A3xTuGbG1OGGx8B39KAMsm0oCX1L7vhrqH2HUACHVHXXH8HhHNHk7zJNLxOKn7:B0AV1OzxjgTff

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e093c98725443e69f04a88d4221c75a0.exe

Files

NEAS.e093c98725443e69f04a88d4221c75a0.exe
.exe windows:5 windows x86

c6c69624a93e4c9c7d65732bfcb14da4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerSetControlDetails
timeEndPeriod
timeGetTime
timeBeginPeriod
mixerOpen
mixerGetLineControlsA
mixerGetLineInfoA
mixerClose
mixerGetControlDetailsA
PlaySoundA
mixerGetDevCapsA

d3d9

Direct3DCreate9

kernel32

MultiByteToWideChar
GlobalUnlock
GetModuleHandleA
CloseHandle
CreateFileA
GetFileSize
InterlockedIncrement
InterlockedDecrement
GetFileTime
GetSystemInfo
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetCurrentDirectoryA
InterlockedExchange
InterlockedCompareExchange
GetFullPathNameA
lstrcmpiA
WriteFile
CreateFileW
UnmapViewOfFile
HeapAlloc
GetProcessHeap
HeapFree
LocalFree
lstrlenA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
LoadLibraryW
GetTimeZoneInformation
GlobalAlloc
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
ReadFile
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapCreate
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
HeapSize
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
LCMapStringW
ExitProcess
GetModuleHandleW
GetLocalTime
GetSystemTimeAsFileTime
HeapReAlloc
GetDriveTypeW
GetStartupInfoW
HeapSetInformation
CreateThread
ResumeThread
ExitThread
RtlUnwind
RaiseException
DecodePointer
EncodePointer
GetStringTypeW
GetCommandLineA
GlobalLock
CreateMutexW
DeleteFileA
GetCurrentProcessId
GetVersionExA
OutputDebugStringA
GetCurrentThreadId
SetCurrentDirectoryA
DeleteCriticalSection
QueryPerformanceFrequency
GetThreadPriority
FindNextFileA
GetModuleFileNameA
CreateFileMappingA
LoadLibraryA
FindClose
GetProcAddress
GetLastError
FindFirstFileA
IsBadWritePtr
InitializeCriticalSection
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
SetUnhandledExceptionFilter
FreeLibrary
SetErrorMode
VirtualQuery
MapViewOfFile
MulDiv
WideCharToMultiByte
GetCurrentThread
SetThreadPriority
Sleep
LeaveCriticalSection
EnterCriticalSection
RemoveDirectoryA
CreateDirectoryA
GetCurrentDirectoryW

user32

FillRect
SetRect
SetCaretPos
CreateCaret
DestroyCaret
ShowCaret
HideCaret
GetSystemMetrics
DestroyCursor
ReleaseDC
GetDC
CreateIconIndirect
GetClientRect
SetCursor
RegisterClassA
LoadCursorA
AdjustWindowRect
SetWindowTextA
MessageBoxW
DispatchMessageA
CreateWindowExW
GetSysColorBrush
ShowWindow
DefWindowProcA
EndPaint
ClientToScreen
CloseClipboard
ScreenToClient
GetWindowRect
RegisterWindowMessageW
IsIconic
SetCapture
SetForegroundWindow
CreateCursor
EnumDisplaySettingsA
WindowFromPoint
BeginPaint
EnumWindows
GetWindowPlacement
SetWindowLongA
MessageBoxA
GetClipboardData
PeekMessageA
EmptyClipboard
GetCursorPos
GetActiveWindow
PostMessageA
OpenClipboard
SystemParametersInfoA
ReleaseCapture
RegisterClassW
IsWindowVisible
SetClipboardData
ChangeDisplaySettingsA
DefWindowProcW
MoveWindow
DestroyWindow
GetMessageA
SetTimer
LoadIconA
SetFocus
SendMessageA
TranslateMessage
GetWindowTextA
CreateWindowExA

gdi32

MoveToEx
ExtTextOutA
SetMapMode
SetTextAlign
CreateFontIndirectW
GetFontLanguageInfo
GetTextMetricsW
SetBkColor
GetCharacterPlacementW
GetCharacterPlacementA
ExtTextOutW
GetGlyphOutlineA
GetObjectW
SetTextColor
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA
CreateBitmap
SetBkMode
DeleteObject
SelectObject
GetTextMetricsA
GetObjectA
CreateSolidBrush
DeleteDC
CreateCompatibleDC

advapi32

RegOpenKeyA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

shell32

SHGetFolderPathA
ShellExecuteA

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantClear

wsock32

closesocket
gethostbyname
send
__WSAFDIsSet
socket
recv
WSACleanup
htons
WSAGetLastError
select
ioctlsocket
WSAStartup
connect
inet_ntoa

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6c69624a93e4c9c7d65732bfcb14da4

Headers

DLL Characteristics

File Characteristics

Imports

winmm

d3d9

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wsock32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 367KB - Virtual size: 367KB

.data Size: 62KB - Virtual size: 325KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 367KB - Virtual size: 367KB

.data
Size: 62KB - Virtual size: 325KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB