NEAS[.]dbcc1a863ce534c9b343df009875be90[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.dbcc1a863ce534c9b343df009875be90.exe
Size

548KB
MD5

dbcc1a863ce534c9b343df009875be90
SHA1

776da33a0b8ee5ceabb3f5b370f4b0f11f7754cc
SHA256

1957c7166bdf9bea0c91c97be463fe5b20d91a71a2be4e98bd39f69ece41badf
SHA512

8e1f0d2384a807660a6d89df5ec574fb31ce3da2657c0215f8a6a72d7b2e0856afce15bab60535df7bb682f0cc24aa3b7f2d48a16fd2fa747c76234845456933
SSDEEP

6144:W+r/rRT8BQTp58N1RvekRO00UyxPkbIpC906x6OhLrrWl6digCB92mEMbd/mvZSn:WG561JwzULW2idFBh/mQxK4tU6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.dbcc1a863ce534c9b343df009875be90.exe

Files

NEAS.dbcc1a863ce534c9b343df009875be90.exe
.exe windows:5 windows x86

69a74beb52318a82d0e34b59524792db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
joyGetPosEx
joyGetNumDevs
joyGetDevCapsA

imm32

ImmAssociateContext

kernel32

GetModuleHandleA
GlobalUnlock
GlobalLock
ExitProcess
SetThreadExecutionState
SetPriorityClass
GetCurrentProcess
HeapSize
WriteConsoleW
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
LCMapStringW
LCMapStringA
GetConsoleMode
FreeLibrary
ReadFile
GetFileType
SetHandleCount
SetFilePointer
HeapCreate
HeapReAlloc
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
LoadLibraryA
TerminateProcess
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStartupInfoA
GetCommandLineA
RtlUnwind
CreateThread
GetCurrentThreadId
ExitThread
HeapFree
GetLastError
GlobalAlloc
CreateFileA
WriteFile
MultiByteToWideChar
GlobalFree
ReadConsoleInputA
WriteConsoleA
GetConsoleCP
FreeConsole
AllocConsole
SetConsoleTitleA
SetConsoleCtrlHandler
GetConsoleWindow
GetStdHandle
SetConsoleScreenBufferSize
SetConsoleTextAttribute
Sleep
GetVersionExA
WaitForSingleObject
CloseHandle
HeapAlloc
DeleteFileA
GetFileAttributesA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetLocalTime
GetLongPathNameA
GetModuleFileNameA
GetFullPathNameA
UnhandledExceptionFilter
GetProcAddress
SetEndOfFile
GetProcessHeap
WideCharToMultiByte

user32

RemoveMenu
GetSystemMenu
FindWindowA
GetForegroundWindow
GetAsyncKeyState
SetCursorPos
ClientToScreen
ShowCursor
ScreenToClient
GetCursorPos
PostMessageA
GetDC
SetRect
MessageBoxA
UpdateWindow
InvalidateRect
EnableMenuItem
CheckMenuRadioItem
CheckMenuItem
AppendMenuA
DeleteMenu
InsertMenuA
DrawMenuBar
SetMenuItemInfoA
GetMenuItemCount
ReleaseDC
GetDlgItem
LoadIconA
RegisterClassA
CreateWindowExA
ShowWindow
LoadAcceleratorsA
PeekMessageA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
SendInput
DestroyWindow
PostQuitMessage
BeginPaint
EndPaint
SendMessageA
DialogBoxParamA
DefWindowProcA
SetWindowTextA
SetMenu
SetTimer
SetFocus
CallWindowProcA
SendDlgItemMessageA
EndDialog
SetDlgItemTextA
OpenClipboard
GetClipboardData
CloseClipboard
AdjustWindowRect
ChangeDisplaySettingsA
SetWindowLongA
SetWindowPos
GetClientRect
GetWindowLongA
EnumDisplaySettingsA
DestroyMenu
IsMenu
LoadMenuA
GetMenuItemID

gdi32

GetDeviceCaps
CreateCompatibleDC
CreateDIBSection
SetStretchBltMode
SetBkMode
SetTextColor
ExtTextOutA
GetTextExtentPoint32A
CreateFontIndirectA
StretchBlt
SelectObject
DeleteObject
DeleteDC
SetPixelV
BitBlt
GetStockObject

comdlg32

GetOpenFileNameA

shell32

DragFinish
DragAcceptFiles
DragQueryFileA

shlwapi

PathRemoveExtensionA

wsock32

WSAStartup
WSACleanup
closesocket
shutdown
WSAGetLastError
connect
htons
sendto
send
recvfrom
recv
socket
WSAAsyncSelect

gdiplus

GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipGetImageEncoders
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipDisposeImage
GdipCloneImage

d3d9

Direct3DCreate9

avifil32

AVIFileExit
AVIFileRelease
AVIStreamRelease
AVIStreamWrite
AVIStreamSetFormat
AVIMakeCompressedStream
AVISaveOptionsFree
AVISaveOptions
AVIFileCreateStreamA
AVIFileOpenA
AVIFileInit

dsound

ord1

dinput

DirectInputCreateA

Sections

.text
Size: 434KB - Virtual size: 434KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69a74beb52318a82d0e34b59524792db

Headers

DLL Characteristics

File Characteristics

Imports

winmm

imm32

kernel32

user32

gdi32

comdlg32

shell32

shlwapi

wsock32

gdiplus

d3d9

avifil32

dsound

dinput

Sections

.text Size: 434KB - Virtual size: 434KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 10KB - Virtual size: 3.9MB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 434KB - Virtual size: 434KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 10KB - Virtual size: 3.9MB

.rsrc
Size: 10KB - Virtual size: 10KB