NEAS[.]2930352bedf3b570918659a13ec655c0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2930352bedf3b570918659a13ec655c0.exe
Size

1.0MB
MD5

2930352bedf3b570918659a13ec655c0
SHA1

7b62769716cbe5a862f8ad6eb64a9ecd3821e12b
SHA256

d1ad039f352bfdd9f6ee6a2b2bd390811687be8315591af613a304aaa7d3f7b9
SHA512

a85f2ca48cd18abb859278cb3942794a14938cefff961051907b49f1bbbcacb3a4230cedbba638132d4d8e021cc74b245b9c76174248a538534c2413194bad84
SSDEEP

24576:Jpigp1RFZn5IcXySrcB1Un5p2eImZKu3Ni:HiKF/4SQB1s5QeImwKi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2930352bedf3b570918659a13ec655c0.exe

Files

NEAS.2930352bedf3b570918659a13ec655c0.exe
.exe windows:4 windows x86

67e719310c173590143ed9ac1f06f292

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
SetCurrentDirectoryA
GetLastError
FreeLibrary
CopyFileA
GetSystemDirectoryA
MultiByteToWideChar
Sleep
SetFilePointer
GetCommandLineA
DeleteFileA
RemoveDirectoryA
GetProcAddress
LoadLibraryA
GetFileAttributesA
GetTempPathA
WriteFile
OutputDebugStringA
CreateFileA
GetExitCodeProcess
CreateProcessA
CloseHandle
HeapAlloc
GetVersion
GetStringTypeA
ExitProcess
GetACP
GetCPInfo
GetOEMCP
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
HeapReAlloc
VirtualAlloc
IsBadWritePtr
HeapCreate
HeapDestroy
VirtualFree
GetEnvironmentVariableA
GetFileType
GetVersionExA
ReadFile
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
LCMapStringW
LCMapStringA
GetStringTypeW
RtlUnwind
GetModuleHandleA
GetStartupInfoA
WideCharToMultiByte
GetCurrentProcess
HeapFree
TerminateProcess
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW

user32

DefWindowProcA
PostQuitMessage
CreateWindowExA
RegisterClassExA
LoadCursorA
CreateDialogParamA
DestroyWindow
UpdateWindow
SendMessageA
MessageBoxA
GetDlgItem
GetWindowTextA
SetWindowTextA
DialogBoxParamA
EndDialog
SetWindowLongA
GetWindowLongA
LoadIconA

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67e719310c173590143ed9ac1f06f292

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 21KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 21KB

.rsrc
Size: 12KB - Virtual size: 11KB