NEAS[.]06d7ba9b3577ddd0df8fb040ef3955b0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.06d7ba9b3577ddd0df8fb040ef3955b0.exe
Size

512KB
MD5

06d7ba9b3577ddd0df8fb040ef3955b0
SHA1

e728a28babc3b32f8c964027a6f0d7c295045e82
SHA256

3421a1dc4927a2e9f68cd14faa8e4efd3e50438ffaac3c1ccf7876678abed816
SHA512

723fd744adc5192cb862f1bf8e7c9071c868594f22304ff2248110a667ddd8f55e04c88180b762cd8e92a0bd5bd4ac49ac00796c3794e0c4f2ae12f4f910b055
SSDEEP

6144:62mv/z1HTr4zYCch1wiujGeaw8PPrv9icYOfAx6QTQLhMLc4L2yIAmpYIr4TITZR:62mBHTr4zYCu1982yICpXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.06d7ba9b3577ddd0df8fb040ef3955b0.exe

Files

NEAS.06d7ba9b3577ddd0df8fb040ef3955b0.exe
.dll windows:4 windows x86

a0154bfc81c7872e606b4c02614a84fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ioctlsocket
WSAGetLastError
closesocket
WSACleanup
WSAStartup
gethostbyname
inet_addr
send
recv
htons
socket
connect

mtag32_v

ZTagGetUINT

mgdi32_v

EndPath
DeleteObject
SetTextAlign
SetTextColor
SetBkMode
ExtTextOutA
GetCharABCWidthsA
GetDeviceCaps
SelectObject
BeginPath
MoveToEx
LineTo
StrokePath

mddm32_v

SDDMLoadString
SDDMGetStdDefaults
SDDMGetPrinterModelIndex
SDDMCreateProfileKey
SDDMProfileSearch
SDDMGetProfileIntArray
SDDMMakeProgress
GetPaperSize
SDDMIsLandscapePaper
SDDMGetPaperAreaAndSize
ReportDimensions
SDDMGetResolutionList
SDDMGetPrinterKeyValue
SDDMGetPrinter
SDDMSetLastError
SDDMFindProfileSection
SDDMGetProfileInt
SDDMWritePrinter

mltsrv_v

SDDMMLTReadWatermark
SDDMMLTGetWatermarkWithID
SDDMMLTCancelWatermark

kernel32

IsProcessorFeaturePresent
FreeResource
FreeLibrary
IsDBCSLeadByte
lstrcpynA
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
HeapReAlloc
GetVersion
GetCommandLineA
TlsAlloc
TlsFree
SetLastError
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
GetCurrentThreadId
ExitProcess
LeaveCriticalSection
Sleep
lstrlenA
lstrcatA
lstrcpyA
CloseHandle
WriteFile
CreateFileA
GetLocalTime
HeapFree
HeapAlloc
GetLastError
GetTempFileNameA
GetTempPathA
DeleteFileA
ReadFile
GetFileInformationByHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
MulDiv
GetWindowsDirectoryA
lstrcmpA
GetVersionExA
MultiByteToWideChar
MoveFileA
SizeofResource
LockResource
LoadResource
FindResourceA
InterlockedIncrement
TlsSetValue
TlsGetValue
LoadLibraryA
GetSystemDirectoryA
lstrcmpiA
GetCPInfo
GetModuleFileNameA
GetFileSize
GetLocaleInfoW
EnterCriticalSection
GetLocaleInfoA
LCMapStringA
RaiseException
SetEndOfFile
LCMapStringW
FlushFileBuffers
SetStdHandle
SetFilePointer

gdi32

EnumFontFamiliesA
CreateFontIndirectA
CreatePen

user32

wsprintfA
LoadStringA
ReleaseDC
MessageBoxA
GetDC

winspool.drv

GetPrinterDataA
GetJobA
GetPrinterA
SetPrinterDataA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

DDMCorrectRGB
DDMEEPlot
DDMImfExchangeInfo
DDMLoadTHArray
DDMPageMark
DevParams
GetDefaults
GetOptionList

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BITSA
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0154bfc81c7872e606b4c02614a84fa

Headers

File Characteristics

Imports

ws2_32

mtag32_v

mgdi32_v

mddm32_v

mltsrv_v

kernel32

gdi32

user32

winspool.drv

advapi32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 127KB

BITSA Size: 4KB - Virtual size: 1KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 128KB - Virtual size: 285KB

.rsrc Size: 196KB - Virtual size: 195KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 128KB - Virtual size: 127KB

BITSA
Size: 4KB - Virtual size: 1KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 128KB - Virtual size: 285KB

.rsrc
Size: 196KB - Virtual size: 195KB

.reloc
Size: 12KB - Virtual size: 8KB