NEAS[.]8b48a1b5a19cb1e67f43c81386fa26d0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.8b48a1b5a19cb1e67f43c81386fa26d0.exe
Size

325KB
MD5

8b48a1b5a19cb1e67f43c81386fa26d0
SHA1

bb8d38a056d805d0f10fbdbe810f968ff3b9d184
SHA256

39b902c7f2684b5faf01bb3872ddd4fd4066f15553e6b009a9be0fef85928b2c
SHA512

361cac8ab1d20df90dd498c6cee0f0b0a8a1716b88a0ce437c48defe16c48e416bb3a4e75e97d659fe06d10c26d5dbc0b08a1146283265e8c1da6c744883c2e7
SSDEEP

6144:ZYgZdcJZs091uPFP1QpCT0LurJH1l3ZwzaKAG6cz9eswTfmr/yruO:ZY1JKIMlypCgiFJxlcz9eswT0hO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8b48a1b5a19cb1e67f43c81386fa26d0.exe

Files

NEAS.8b48a1b5a19cb1e67f43c81386fa26d0.exe
.exe windows:5 windows x86

921e4be1e92a73c509f373c95df83500

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcp90

?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$allocator@_W@std@@QAE@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?data@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@0ABV12@@Z

msvcr90

_exit
_cexit
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
__getmainargs
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_amsg_exit
wcscmp
_CxxThrowException
_invalid_parameter_noinfo
__CxxFrameHandler3
strlen
isalpha
isupper
tolower
wcscpy
memset
memcpy
_adjust_fdiv
_XcptFilter

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.seca
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

921e4be1e92a73c509f373c95df83500

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp90

msvcr90

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 896B

.seca Size: 292KB - Virtual size: 292KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 896B

.seca
Size: 292KB - Virtual size: 292KB