NEAS[.]1f9bea362e7de34f1b9add72973a6d60[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1f9bea362e7de34f1b9add72973a6d60.exe
Size

323KB
MD5

1f9bea362e7de34f1b9add72973a6d60
SHA1

745c924e0097503058bef84c837a56f3f5e666fe
SHA256

08cd4e74435941692e5d39c488c89d200708bcdf760cad0f9757de7e834a3c09
SHA512

191e9370dd78f614f98853f25bae682db071717c18bf4cdf03185c56342d9907a2d371c3b506d8114de86b782a2bf9b29fa8920a265a42ca1eae677f8e5f8d50
SSDEEP

6144:qW+BIKnX7niAhsmNaYSSYOV6Io0OcLpVpj7FY8jXKSZKMatm80aHhdH:q1Lnph6YSdOVzvj6IKSZKMR80IH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1f9bea362e7de34f1b9add72973a6d60.exe

Files

NEAS.1f9bea362e7de34f1b9add72973a6d60.exe
.exe windows:5 windows x86

fcdd393a3f2ef3c951f3260166bed3ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

comctl32

InitCommonControlsEx

winmm

mixerGetNumDevs
mixerGetDevCapsW
mixerGetLineInfoW

kernel32

lstrcatW
GetLastError
CreateMutexW
CreateFileW
FreeLibrary
GetModuleFileNameW
GetProcAddress
LoadLibraryW
GetVersionExW
ExitProcess
GetTickCount
GetVersion
GetCurrentProcess
FreeResource
WriteFile
CloseHandle
lstrcmpiW
lstrcpynW
GetModuleHandleW
lstrlenW
FindResourceW
SizeofResource
LoadResource
LockResource
GlobalAlloc
GlobalLock
GetLogicalDriveStringsW
lstrcpyW
GetDriveTypeW
GetProcessHeap
HeapAlloc
HeapSize
HeapFree
ReadFile

user32

CallWindowProcW
SetWindowLongW
DialogBoxParamW
SetForegroundWindow
FindWindowW
IsDlgButtonChecked
CheckDlgButton
CreateDialogIndirectParamW
GetWindowLongW
DestroyIcon
LoadIconW
DeleteMenu
GetSubMenu
GetMenu
IsCharAlphaW
IsCharAlphaNumericW
MessageBoxW
PostMessageW
GetSysColorBrush
DestroyMenu
DialogBoxIndirectParamW
AppendMenuW
CreatePopupMenu
LoadStringW
GetFocus
GetDlgCtrlID
SetFocus
GetCursorPos
TrackPopupMenu
GetKeyNameTextW
EndDialog
SystemParametersInfoW
GetSystemMetrics
GetWindowRect
MapWindowPoints
LoadCursorW
SetCursor
EnableWindow
ShowWindow
RedrawWindow
GetDC
FillRect
DrawTextW
CreateWindowExW
SetWindowPos
GetClientRect
wsprintfW
SetWindowTextW
SetDlgItemTextW
GetDlgItem
SendMessageW
LoadBitmapW

gdi32

CreateCompatibleDC
GetTextExtentPoint32W
GetDeviceCaps
DeleteDC
GetStockObject
SetTextColor
CreateFontIndirectW
DeleteObject
SetBkMode
SetBkColor
CreateFontW
ExtTextOutW
SelectObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegEnumValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW

ole32

CreateStreamOnHGlobal

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcdd393a3f2ef3c951f3260166bed3ab

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

comctl32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 272KB - Virtual size: 271KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 272KB - Virtual size: 271KB