NEAS[.]76463014133caf76e3629dc5b2fe51e0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.76463014133caf76e3629dc5b2fe51e0.exe
Size

448KB
MD5

76463014133caf76e3629dc5b2fe51e0
SHA1

9647af0c2455dbf0c6a6e3c88af170c7510e86f7
SHA256

0734bc41ee9226946f2bcee792951b3a1b60d930e5835aca72d7be40b4f7acc2
SHA512

d417a19b639c734c6ce1687f1e4344baa5f2a611fcc64eadd3af5e986fe8c7d6ac22f351f7e717287076b02e3ef40a5e735a848e314418022bfb91926459d888
SSDEEP

6144:JfIS646W1u4jzTb9ZbchWPFSb7Clr3Yr3HXbOVurvKofS:JwSxrjztZbcaFUoDYrHXnrvKo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.76463014133caf76e3629dc5b2fe51e0.exe

Files

NEAS.76463014133caf76e3629dc5b2fe51e0.exe
.exe windows:5 windows x86

b93e8e99bab45541d57b25dea8ae7cb2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCurrentThread
SetThreadPriority
GetThreadPriority
GetProcessAffinityMask
SetThreadAffinityMask
SetEndOfFile
HeapAlloc
InterlockedDecrement
HeapFree
VirtualFree
WideCharToMultiByte
GetTimeZoneInformation
VirtualAlloc
GetTempFileNameA
GetTempPathA
Sleep
TerminateProcess
GetModuleFileNameA
PulseEvent
Beep
ResetEvent
QueryPerformanceCounter
GetSystemTimeAdjustment
QueryPerformanceFrequency
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
HeapReAlloc
HeapCreate
HeapSize
InitializeCriticalSectionAndSpinCount
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitProcess
CreateThread
ExitThread
InterlockedIncrement
DeleteCriticalSection
FormatMessageA
GetSystemInfo
DeleteFileW
CreateFileW
OpenFileMappingA
CreateMutexA
OpenEventA
CreateFileMappingA
UnmapViewOfFile
GetComputerNameA
MapViewOfFile
DeleteFileA
EnterCriticalSection
MultiByteToWideChar
ReadFile
LeaveCriticalSection
InitializeCriticalSection
GetFileSize
GetSystemTimeAsFileTime
LocalFree
LocalAlloc
GetCurrentProcessId
GetVersion
CloseHandle
GetVersionExA
ReleaseMutex
OutputDebugStringA
GetModuleHandleA
FindNextFileA
WaitForMultipleObjects
SetProcessWorkingSetSize
ProcessIdToSessionId
LoadLibraryA
GetLocalTime
GetPrivateProfileStringA
FindClose
GetProcAddress
SetLastError
GetLastError
FindFirstFileA
FlushFileBuffers
GetSystemDirectoryA
GetModuleFileNameW
CreateProcessA
MulDiv
GetFileAttributesW
CreateEventA
LoadLibraryW
WriteFile
GetWindowsDirectoryA
GetProcessHeap
GetTickCount
GetModuleHandleW
SetEvent
WaitForSingleObject
GetCurrentProcess
FreeLibrary
SetFilePointer
SetPriorityClass
HeapCompact
CreateFileA
SetEnvironmentVariableA

user32

EnableWindow
SetScrollInfo
IsWindowVisible
GetSystemMetrics
RedrawWindow
BeginPaint
GetParent
GetKeyState
IsZoomed
IsIconic
MoveWindow
GetMessagePos
SetDlgItemTextA
DestroyIcon
DialogBoxParamA
LoadCursorA
SetMenuItemInfoA
DestroyMenu
UpdateWindow
SetWindowTextA
InsertMenuA
SetMenuDefaultItem
CreateDialogParamA
PostMessageA
IsWindow
AppendMenuA
FrameRect
CreatePopupMenu
ShowWindow
GetMenuStringA
GetCursorPos
SetWindowPos
GetDesktopWindow
DefWindowProcA
EndDialog
GetDlgItem
ReleaseDC
PeekMessageA
CreateWindowExA
InvalidateRect
MessageBoxA
TrackPopupMenuEx
GetWindowRect
ScreenToClient
EndPaint
GetDC
RegisterWindowMessageA
SetFocus
LoadIconA
SetForegroundWindow
DrawIconEx
MsgWaitForMultipleObjects
KillTimer
FillRect
SendDlgItemMessageA
FindWindowExA
DispatchMessageA
GetClientRect
CharLowerBuffA
DestroyWindow
SetCursor
SetTimer
RegisterClassExA
PostQuitMessage

gdi32

CreateSolidBrush
GetDeviceCaps
CreateFontA
ExtTextOutA
SetTextAlign
RoundRect
CreatePen
CreateRectRgn
Ellipse
SelectObject
SetBkMode
SetBkColor
SetTextColor
LineTo
GetTextExtentPoint32A
MoveToEx
DeleteObject
GetStockObject

advapi32

RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExW
RegSetValueExA
GetNamedSecurityInfoA
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetNamedSecurityInfoA
SetEntriesInAclA
RegCloseKey
RegOpenKeyA
GetUserNameA
RegQueryValueExA
LsaFreeMemory
LsaClose
LsaOpenPolicy
LsaQueryInformationPolicy
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

ShellExecuteExA
Shell_NotifyIconA
ShellExecuteA

mpr

WNetGetLastErrorA

rpcrt4

UuidCreate

ws2_32

connect
getsockname
recv
send
WSAIoctl
WSAStringToAddressA
gethostname
WSAStartup
getaddrinfo
ntohs
freeaddrinfo
WSASetLastError
gethostbyname
getsockopt
WSASocketA
inet_addr
inet_ntoa
ntohl
WSAAddressToStringA
recvfrom
htonl
WSAGetLastError
htons
setsockopt
sendto
bind
socket
closesocket
WSAAsyncSelect
WSACleanup

netapi32

DsGetDcNameA
NetServerGetInfo
NetApiBufferFree

winmm

timeGetDevCaps
timeBeginPeriod
timeEndPeriod
waveOutGetVolume
waveOutSetVolume
waveOutGetNumDevs
PlaySoundA
waveOutGetDevCapsA

Sections

.text
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b93e8e99bab45541d57b25dea8ae7cb2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

mpr

rpcrt4

ws2_32

netapi32

winmm

Sections

.text Size: 236KB - Virtual size: 236KB

.rdata Size: 47KB - Virtual size: 47KB

.data Size: 7KB - Virtual size: 28KB

.rsrc Size: 134KB - Virtual size: 133KB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 236KB - Virtual size: 236KB

.rdata
Size: 47KB - Virtual size: 47KB

.data
Size: 7KB - Virtual size: 28KB

.rsrc
Size: 134KB - Virtual size: 133KB

.reloc
Size: 22KB - Virtual size: 21KB