Static task: static1

Behavioral task: behavioral1
Sample: NEAS.62a6169a453eb3f2ad39d1cce1515cc0.exe
Resource: win7-20231020-en

Behavioral task: behavioral2
Sample: NEAS.62a6169a453eb3f2ad39d1cce1515cc0.exe
Resource: win10v2004-20231023-en
General
Target: NEAS.62a6169a453eb3f2ad39d1cce1515cc0.exe
Size: 2.4MB
MD5: 62a6169a453eb3f2ad39d1cce1515cc0
SHA1: 25e89dde89ab74f4e62595fee83fa9f394d9e9a4
SHA256: f7dc7d7a6bb5fdd190562e67af9f9fb30bee84e6bfc2088f25926aebc3917a7e
SHA512: f9a5e4b02d605b735e78f0286760127442e0180fb0e81cc2d4b0a8c1b82fc0b3f65f3fe48b2556fdbe180a070b8388fc5dbdcefdbe677691d3a3731715a2eff8
SSDEEP: 49152:nritZ+8lnC5cWEyS1pWOxRdGBsi/YAKDKJQb:y05vvS1bfEBsIYvD3b
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.62a6169a453eb3f2ad39d1cce1515cc0.exe
Files
NEAS.62a6169a453eb3f2ad39d1cce1515cc0.exe.exe windows:4 windows x86
a4c19bccd43fa59903a786f726321b40
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
libsti32
ord20
ord53
ord36
ord18
ord8
ord21
ord12
ord5
ord7
ord6
ord4
ord46
ord166
ord31
ord99
ord172
ord11
ord41
ord85
ord10
ord143
ord141
ord150
ord152
ord154
ord13
ord27
ord17
ord2
ord160
ord162
ord32
ord3
ord34
ord86
ord43
ord42
ord30
ord29
ord28
ord45
ord50
ord101
cktbl32
_CKTBLGetFullTopRow@4
_CKTBLSetCurrentCell@12
_CKTBLIsMoveResizing@4
_CKTBLTestColumnFullyVisible@8
_CKTBLGetSelection@12
_CKTBLChangeSelection@12
_CKTBLGetDefaultRowHeight@4
_CKTBLSetDefaultRowHeight@8
_CKTBLModifyRectAttr@20
_CKTBLInvalidateAndEraseColumn@8
_CKTBLScrollToRow@8
_CKTBLModifyAttr@24
_CKTBLInsertRowsAfter@12
_CKTBLRemoveRows@12
_CKTBLRemoveColumns@12
_CKTBLGetSelectionSize@4
_CKTBLDelSelection@8
_CKTBLSetFlags@8
_CKTBLGetRows@4
_CKTBLInsertColumnsAfter@12
_CKTBLRemoveJamColumnPointer@8
_CKTBLShowCell@12
_CKTBLSetRows@8
_CKTBLSetFlagsEx@8
_CKTBLSetFixedColumns@8
_CKTBLAddJamColumnPointer@12
_CKTBLGetEditHandle@4
_CKTBLGetCurrentColumn@4
_CKTBLGetCurrentRow@4
_CKTBLStartEditRequest@16
_CKTBLInvalidateAndEraseCell@12
_CKTBLSetOutsideColor@8
_CKTBLSetGridColor@12
_CKTBLInEdit@4
_CKTBLEndEdit@8
_CKTBLGetFlags@4
_CKTBLGetColumns@4
_CKTBLGetColumnWidth@8
_CKTBLUpdateRowHeight@8
_CKTBLGetJamColumnPointer@8
_CKTBLSetColumnWidth@12
_CKTBLGetRowHeight@8
_CKTBLSetRowHeight@12
_CKTBLGetTopRow@4
_CKTBLGetVisibleRows@4
kernel32
CreateFileA
UnlockFile
LockFile
GlobalReAlloc
ReleaseSemaphore
OpenSemaphoreA
CreateSemaphoreA
SearchPathA
InterlockedIncrement
SetErrorMode
GetFileSize
GetProcessHeap
TlsFree
GetCurrentProcessId
SystemTimeToFileTime
TlsAlloc
TlsGetValue
WinExec
GetDriveTypeA
GetProcAddress
LoadLibraryA
FreeLibrary
CopyFileA
MoveFileA
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
_lclose
_lread
_lopen
lstrcpyA
lstrlenA
lstrcmpiA
lstrcatA
GetVersion
_llseek
OpenFile
CloseHandle
WaitForSingleObject
CreateProcessA
GetStartupInfoA
GetCurrentThreadId
lstrcmpA
MultiByteToWideChar
GetWindowsDirectoryA
GetPrivateProfileStringA
lstrcpynA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetTickCount
GlobalSize
MulDiv
LockResource
FreeResource
LoadResource
FindResourceA
GlobalDeleteAtom
GlobalFindAtomA
AddAtomA
TlsSetValue
GlobalFlags
GetLastError
GetModuleHandleA
OutputDebugStringA
lstrcmpiW
lstrlenW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProfileStringW
GlobalAddAtomW
lstrcmpW
SizeofResource
FindResourceW
GetCurrentDirectoryA
GetFullPathNameA
SetCurrentDirectoryA
DeleteFileA
HeapFree
HeapAlloc
GetFileAttributesA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
ExitProcess
TerminateProcess
GetCurrentProcess
FindNextFileA
GetLocalTime
GetCommandLineA
GetModuleFileNameA
GetTimeZoneInformation
GetSystemTime
SetEnvironmentVariableA
GetFileType
DeleteAtom
SetFilePointer
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
ReadFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
WriteFile
RaiseException
SetEnvironmentVariableW
HeapSize
FlushFileBuffers
SetEndOfFile
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
CompareStringA
CompareStringW
Sleep
DeleteCriticalSection
GetEnvironmentVariableA
GetVolumeInformationA
FormatMessageA
ReleaseMutex
CreateMutexA
InterlockedCompareExchange
InterlockedDecrement
LocalAlloc
LocalFree
DeviceIoControl
gdi32
RestoreDC
GetTextAlign
TextOutA
GetCurrentPositionEx
GetNearestPaletteIndex
ResizePalette
SetPaletteEntries
GetSystemPaletteEntries
CreatePalette
CreatePen
SetBrushOrgEx
SetViewportOrgEx
SetBkMode
SetTextAlign
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
CreateBrushIndirect
GetNearestColor
SetMapMode
EnumFontFamiliesA
EnumFontsA
GetDeviceCaps
PatBlt
ExtTextOutW
RectVisible
Polygon
GetTextExtentPointW
RectInRegion
GetViewportOrgEx
SaveDC
CreateSolidBrush
CreateICA
RealizePalette
BitBlt
ExtTextOutA
IntersectClipRect
CreateCompatibleDC
CreateCompatibleBitmap
StretchDIBits
GetCharABCWidthsA
CreateFontIndirectA
GetStockObject
CreateDCA
CreateDIBitmap
GetObjectA
GetBitmapBits
DeleteDC
MoveToEx
LineTo
Rectangle
SetTextColor
SetBkColor
CreatePenIndirect
SetROP2
DeleteObject
SelectPalette
GetTextMetricsA
GetTextExtentPointA
GetCharWidthA
SelectObject
SetStretchBltMode
SetDIBitsToDevice
user32
DefWindowProcW
DefDlgProcW
GetClassInfoW
IntersectRect
GetWindowDC
GetWindowTextW
ExcludeUpdateRgn
MapWindowPoints
GetWindowTextLengthW
CharNextW
CallWindowProcW
DrawTextW
RemovePropW
SetWindowsHookExW
GetWindowLongW
SendMessageW
IsWindowUnicode
GetClassNameW
SetWindowLongW
SetPropW
GetPropW
CharUpperA
CharLowerA
IsCharAlphaNumericA
IsCharLowerA
IsCharUpperA
DispatchMessageA
TranslateMDISysAccel
TranslateAcceleratorA
GetMessageA
TranslateMessage
EnableScrollBar
DdeCmpStringHandles
DdeQueryConvInfo
DdeDisconnectList
DdeQueryStringA
DdeCreateDataHandle
GetScrollRange
SetScrollRange
DefFrameProcA
GetUpdateRect
LoadBitmapA
PtInRect
UnionRect
IsCharAlphaA
ShowWindow
CharToOemA
OemToCharA
SetTimer
GetActiveWindow
KillTimer
EndPaint
BeginPaint
WinHelpA
CheckDlgButton
IsDlgButtonChecked
MessageBeep
UpdateWindow
SetWindowLongA
GetClientRect
IsIconic
GetWindowRect
ScreenToClient
ClientToScreen
GetSystemMetrics
InvalidateRect
SetWindowTextA
GetWindowLongA
DrawMenuBar
DeleteMenu
GetMenuItemID
GetMenuItemCount
GetSystemMenu
SendMessageA
ReleaseDC
GetTabbedTextExtentA
GetDC
CharPrevA
CharNextA
wsprintfA
ShowCaret
HideCaret
GetFocus
GetKeyState
GetScrollPos
SetWindowPos
GetWindowTextA
LoadIconA
DrawIcon
SetScrollPos
GetScrollInfo
ScrollWindow
IsWindowVisible
GetParent
SetScrollInfo
EnableWindow
OffsetRect
InflateRect
CopyRect
EnumChildWindows
GetClassNameA
CreateWindowExA
RegisterClassA
LoadCursorA
MoveWindow
DefWindowProcA
SetRect
DestroyWindow
GetSysColor
IsRectEmpty
DrawTextA
SetCursor
CreateIcon
SetClassLongA
GetClassInfoA
CallWindowProcA
GetClassLongA
SetForegroundWindow
IsWindowEnabled
GetLastActivePopup
GetWindowThreadProcessId
DestroyCaret
SetFocus
ReleaseCapture
GetCapture
AppendMenuA
CreateMenu
DestroyMenu
EnableMenuItem
IsClipboardFormatAvailable
CreatePopupMenu
GetMenu
ModifyMenuA
GetSubMenu
CheckMenuItem
GetMenuStringA
GetMenuState
RemoveMenu
IsMenu
InsertMenuA
MessageBoxA
DialogBoxIndirectParamA
GetDialogBaseUnits
SystemParametersInfoA
GetDlgItem
SendDlgItemMessageA
EndDialog
DestroyIcon
PeekMessageA
SetCaretPos
PostMessageA
SetCapture
RedrawWindow
EnumThreadWindows
GetCaretPos
IsWindow
SetActiveWindow
GetWindowTextLengthA
DdeClientTransaction
DdeQueryNextServer
DdeFreeStringHandle
DdeCreateStringHandleA
DdeUnaccessData
DdeAccessData
LoadAcceleratorsA
GetWindowPlacement
SetWindowPlacement
SetParent
GetWindow
GetDoubleClickTime
FindWindowA
DdeGetLastError
DdeConnectList
IsZoomed
GetTopWindow
CreateCaret
FillRect
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
TrackPopupMenu
GetCursorPos
RegisterClipboardFormatA
DdeNameService
DdeInitializeA
DdeUninitialize
DdePostAdvise
InvalidateRgn
ValidateRect
GetUpdateRgn
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
DefMDIChildProcA
GrayStringA
DrawFocusRect
SetPropA
GetPropA
RemovePropA
comctl32
ord17
comdlg32
GetSaveFileNameA
ChooseColorA
ChooseFontA
GetOpenFileNameA
util32c
pgmstart
meda_fez
ord2
ord3
ord1
fezinfo
ord2
ord1
ad_0705
ord3
ord1
ord2
util_01c
hardlock_file_check
hardl_ok
hex_to_int
util02c
ord5
ord4
ord3
ord10
ord9
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 228KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_CODE Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ