NEAS[.]119c6660cc20cab86bbc554a59b27da0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.119c6660cc20cab86bbc554a59b27da0.exe
Size

177KB
MD5

119c6660cc20cab86bbc554a59b27da0
SHA1

978abfe3c037b4dfef0d233543e3662ddb7aa97d
SHA256

d1fee1ad5fbfe6a03cf39b17bcd5d85f66e277d2d614500b33cc9d89a5fcba27
SHA512

f05953ff64c2d0ca248bdcf00f9c34e69ac0a846ccdac274a4f8e9bcdcf9f2363e218e0a8c0734ed92f0554f17e382753fc5ce00c2ab4b06c13f89f1eebbb60f
SSDEEP

3072:3WpEvQWonx0Eh5GQKbtMdrRGz6GbST/00Z3fjFBZw8e0j:mSd7QKWu62ST/007pwmj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.119c6660cc20cab86bbc554a59b27da0.exe

Files

NEAS.119c6660cc20cab86bbc554a59b27da0.exe
.exe windows:4 windows x86

b80b89f09c8f16cc3e428fd6322dfd04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathW

shlwapi

PathFindFileNameW
PathFileExistsW
PathAppendW
PathFindExtensionW

user32

LoadCursorW
GetSysColor
GetLastActivePopup
GetWindowTextW
EnableMenuItem
GetDC
GetWindowLongW
GetMenuCheckMarkDimensions
GetSystemMetrics
CheckMenuItem
IsWindowEnabled
MessageBoxW
GetParent
EnableWindow
LoadBitmapW
ModifyMenuW
ReleaseDC
GetSysColorBrush

ole32

CoUninitialize
CoCreateInstance
CoInitialize

gdi32

GetClipBox
SetViewportOrgEx
ScaleWindowExtEx
OffsetViewportOrgEx
SelectObject
SaveDC
PtVisible
SetViewportExtEx
SetMapMode
GetDeviceCaps
SetBkColor
ExtTextOutW
CreateBitmap
DeleteObject
TextOutW
ScaleViewportExtEx
SetTextColor
DeleteDC
SetWindowExtEx
RestoreDC
RectVisible
Escape
GetStockObject

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

kernel32

GetShortPathNameA
GetEnvironmentStringsW
GetModuleFileNameA
UnhandledExceptionFilter
GetTickCount
GetEnvironmentStrings
GetFileType
SetFilePointer
HeapCreate
HeapFree
TerminateProcess
HeapDestroy
LCMapStringW
GetStringTypeA
QueryPerformanceCounter
WriteFile
GetProcessAffinityMask
VirtualFree
GetStdHandle
VirtualQuery
GetStartupInfoA
GetOEMCP
FreeEnvironmentStringsW
VirtualAlloc
LCMapStringA
GetCPInfo
EnumResourceTypesW
RtlUnwind
VirtualProtect
IsBadReadPtr
GetCurrentProcessId
GetCurrentProcess
SetStdHandle
GetSystemInfo
GetFileAttributesA
GetStringTypeW
HeapReAlloc
GetCommandLineA
IsBadWritePtr
SetUnhandledExceptionFilter
HeapSize
FlushFileBuffers
SetHandleCount
GetSystemTimeAsFileTime
HeapAlloc
IsBadCodePtr
ExitProcess

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b80b89f09c8f16cc3e428fd6322dfd04

Headers

File Characteristics

Imports

shell32

shlwapi

user32

ole32

gdi32

advapi32

winspool.drv

kernel32

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 67KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 67KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 248KB