NEAS[.]7f833aaec37f1472baf65e7b3fe50e50[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.7f833aaec37f1472baf65e7b3fe50e50.exe
Size

36KB
MD5

7f833aaec37f1472baf65e7b3fe50e50
SHA1

a02fd43ef4681b9c1ba41fd0b1c065440e62d00e
SHA256

0e17c8425aa9a7af9ad72a7d15374bd01e686595f84e79cacfa1af4e353e492a
SHA512

187fe22c2bfad0389da30cf38859e5cd59f2026d565828a97b2e41b91ce7142056fd597e873a6f62b26ec54d0bb8ec553b176ae47c3dc8f87752e7439c1f3ec9
SSDEEP

192:IiSyM3rKajdEZ5Yv1S4ILoiIAfrIAaaDG:IiSIaZEd4ILouiaDG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.7f833aaec37f1472baf65e7b3fe50e50.exe

Files

NEAS.7f833aaec37f1472baf65e7b3fe50e50.exe
.dll regsvr32 windows:4 windows x86

2449d455dd70ade5808c092c4329dbdc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetModuleHandleA
GetProcAddress
GetTickCount
HeapAlloc
HeapReAlloc

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
_strdup
free
fwrite
getenv
memcmp
memmove
strchr
strcmp
strcpy
strcspn
strlen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 160B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 458B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2449d455dd70ade5808c092c4329dbdc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ucrtbase

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 80B

.rodata Size: 4KB - Virtual size: 24B

.rdata Size: 4KB - Virtual size: 348B

/4 Size: 4KB - Virtual size: 872B

.bss Size: - Virtual size: 160B

.edata Size: 4KB - Virtual size: 458B

.idata Size: 4KB - Virtual size: 596B

.reloc Size: 4KB - Virtual size: 240B

.text
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 80B

.rodata
Size: 4KB - Virtual size: 24B

.rdata
Size: 4KB - Virtual size: 348B

/4
Size: 4KB - Virtual size: 872B

.bss
Size: - Virtual size: 160B

.edata
Size: 4KB - Virtual size: 458B

.idata
Size: 4KB - Virtual size: 596B

.reloc
Size: 4KB - Virtual size: 240B