NEAS[.]b24a0b0afa49541cd6bb5adc31673e40[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.b24a0b0afa49541cd6bb5adc31673e40.exe
Size

304KB
MD5

b24a0b0afa49541cd6bb5adc31673e40
SHA1

4774e59beffc83dadc9164ac3552f27ee70044be
SHA256

833c271783a98e034b8453c91a3f19587dc1a82eec84b977136a9faa6c4d22b4
SHA512

99b4257a2546ef93bd6d218bc76d02bb757415d7dad90f102c636cf36ed9b189fcc2b9b0e772d4b0d3e90eeb486307527d6c09ac47118c2b3f8fae9f5e3b0b5a
SSDEEP

6144:jPlgbnLlSAya65Tp6lqIXcqaWKrqqDLuLM:jPynBt6t92qnu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b24a0b0afa49541cd6bb5adc31673e40.exe

Files

NEAS.b24a0b0afa49541cd6bb5adc31673e40.exe
.dll regsvr32 windows:4 windows x86

f5edda3bfc24d606d8481695b420d346

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapFree
RaiseException
GetACP
GetTimeZoneInformation
HeapSize
HeapReAlloc
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
SetHandleCount
TerminateProcess
GetStartupInfoA
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetCommandLineA
LockFile
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
ExitProcess
RtlUnwind
GetProfileIntA
GetFileAttributesA
GetFileTime
GetFileSize
GetCPInfo
SizeofResource
GetOEMCP
CopyFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalSize
GetShortPathNameA
GetVolumeInformationA
GetFullPathNameA
FindFirstFileA
FindClose
UnlockFile
SetEndOfFile
VirtualFree
FlushFileBuffers
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetProcAddress
LoadLibraryA
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FormatMessageA
GetProcessVersion
GetLastError
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
lstrcpynA
MulDiv
SetLastError
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GetUserDefaultLCID
IsDBCSLeadByte
GlobalFree
GlobalUnlock
InterlockedDecrement
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
lstrcpyA
InterlockedIncrement
GetStringTypeA
GetStringTypeW
VirtualAlloc
SetEnvironmentVariableA
lstrlenA

user32

GetTabbedTextExtentA
GetDialogBaseUnits
GetDCEx
RemoveMenu
InsertMenuA
UnregisterClassA
EndDialog
CreateDialogIndirectParamA
LockWindowUpdate
EnumChildWindows
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
EqualRect
GetTopWindow
WinHelpA
GetClassInfoA
RegisterClassA
GetDlgItem
GetWindowTextA
CharUpperA
AppendMenuA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
GetWindowPlacement
GetClassNameA
SetRect
GetSysColor
LoadStringA
GetSysColorBrush
TabbedTextOutA
GetClientRect
SetRectEmpty
ReleaseDC
GetDC
GetCapture
ReleaseCapture
SetCapture
LoadCursorA
PtInRect
GetSystemMetrics
RegisterClipboardFormatA
ScreenToClient
IsChild
IsRectEmpty
IntersectRect
CreateMenu
DestroyMenu
GetDesktopWindow
GetMenuItemCount
GetMenu
GetSubMenu
GetMenuItemID
UpdateWindow
InflateRect
GetWindowRect
ShowWindow
OffsetRect
InvalidateRect
DrawEdge
CopyRect
SetParent
SetWindowPos
CallWindowProcA
DefWindowProcA
SetWindowLongA
DestroyWindow
UnhookWindowsHookEx
wsprintfA
GetMenuCheckMarkDimensions
DestroyIcon
CreateWindowExA
GetDlgCtrlID
GetMenuStringA
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
EnableWindow
FillRect
GrayStringA
DrawTextA
IsIconic
SystemParametersInfoA

gdi32

MoveToEx
GetCurrentPositionEx
DeleteObject
CreateRectRgn
ScaleWindowExtEx
SetWindowExtEx
CreatePen
CreateSolidBrush
CreatePatternBrush
CopyMetaFileA
CreateDCA
GetTextMetricsA
GetTextExtentPoint32A
GetTextAlign
CreateFontIndirectA
PatBlt
UnrealizeObject
Rectangle
SetRectRgn
CreateRectRgnIndirect
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetROP2
SelectObject
SetBkMode
SaveDC
RestoreDC
SetBkColor
SetTextColor
GetObjectA
Escape
GetClipBox
TextOutA
RectVisible
ExtTextOutA
CombineRgn
PtVisible
CreateMetaFileA
DeleteDC
DeleteMetaFile
LPtoDP
CloseMetaFile
CreateBitmap
GetStockObject
GetDeviceCaps
SelectClipRgn
Ellipse

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegSetValueExA
RegSetValueA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueA

shell32

ExtractIconA

comctl32

ord17

ole32

CreateStreamOnHGlobal
ReadClassStm
OleDuplicateData
CoCreateInstance
CoDisconnectObject
CoTaskMemFree
OleSaveToStream
ReleaseStgMedium
CreateDataAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoTaskMemAlloc
CreateDataCache
StringFromGUID2
CoRevokeClassObject
CoRegisterClassObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLoadFromStream
StringFromCLSID
ReadFmtUserTypeStg
CreateOleAdviseHolder

olepro32

ord253
ord250
ord251
ord252

oleaut32

SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysFreeString
LoadRegTypeLi
VariantCopy
SysAllocString
VariantChangeType
VariantClear
LoadTypeLi
RegisterTypeLi
SysStringByteLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5edda3bfc24d606d8481695b420d346

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

olepro32

oleaut32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 24KB - Virtual size: 38KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 24KB - Virtual size: 38KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 24KB - Virtual size: 23KB