NEAS[.]a5bed659d3f5d2f735a98407e1ed5390[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a5bed659d3f5d2f735a98407e1ed5390.exe
Size

391KB
MD5

a5bed659d3f5d2f735a98407e1ed5390
SHA1

f629e89175361897884393e4bb8c10af6faaae61
SHA256

a3d5c405ff44226dd8217ec774be229ab6763d72d13e1bd7203122dd00ce1d7e
SHA512

a1650773b008e25f295b3fd29c11d8855a18a86c6b69b49d30f65cfc7031e07cbd95affb8cc23034b62f4b91e7bd7b5a9667dc3f892b4a13b1b44382b5c1a273
SSDEEP

6144:Ri55ZrMJQMmpmudUAHKPYXhsotI7AowWW3efYsbgWNyvMjd1Y:eMJQMmpZdyKhsotcABbOtbvyvMZW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a5bed659d3f5d2f735a98407e1ed5390.exe

Files

NEAS.a5bed659d3f5d2f735a98407e1ed5390.exe
.exe windows:5 windows x86

ddea2ddc19a79cb8c10ed5668ecad4cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetLocaleInfoW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
CloseHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
ReadFile
GetModuleFileNameW
WriteFile
EnumSystemLocalesA
IsProcessorFeaturePresent
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetModuleHandleW
GetProcAddress
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
IsValidLocale
GetStringTypeW
HeapReAlloc
LoadLibraryW
SetStdHandle
WriteConsoleW
CreateFileA
CreateFileW
FileTimeToLocalFileTime
FillConsoleOutputAttribute
GetModuleHandleA
GetConsoleScreenBufferInfo
GetLastError
GetStdHandle
FileTimeToSystemTime
SetConsoleCursorPosition
HeapCreate
Sleep
GetDateFormatA
GetProcessHeap
GetTimeFormatA
ExitProcess
WaitForSingleObject
RtlUnwind
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetCurrentProcess
HeapAlloc
DeleteCriticalSection
InitializeCriticalSection
DecodePointer
EncodePointer
InterlockedDecrement
InterlockedIncrement
lstrlenA
FillConsoleOutputCharacterA
GetCommandLineW
SetEndOfFile

user32

CopyRect
SetScrollInfo
SetDlgItemTextA
GetDlgItemTextA
MoveWindow
ModifyMenuA
LoadCursorA
SetClipboardData
EnableWindow
SendMessageW
LoadImageA
SetWindowTextA
ScrollWindowEx
EndPaint
CloseClipboard
DestroyAcceleratorTable
IsMenu
RegisterClassExA
PostQuitMessage
SendDlgItemMessageA
GetWindowDC
FillRect
GetMenuItemID
DrawTextA
DrawIconEx
CopyImage
LoadBitmapA
LoadIconA
GetClientRect
SetFocus
SendMessageA
BeginPaint
GetDC
MessageBoxA
InvalidateRect
CreateAcceleratorTableA
CreateWindowExA
ReleaseDC
EmptyClipboard
GetDlgItem
EndDialog
DefWindowProcA
GetDesktopWindow
GetSysColor
ShowWindow
CreatePopupMenu
LoadBitmapW
IsDlgButtonChecked
GetMenuItemCount
OpenClipboard

gdi32

FrameRgn
GetTextExtentPoint32A
GetDeviceCaps
DeleteObject
SelectObject
SelectClipRgn
PolyDraw
CreateCompatibleDC
CombineRgn
CreateCompatibleBitmap
Rectangle
CreateRectRgn
CreatePen
GetTextMetricsA
GetPixel
GetStockObject
CreateSolidBrush
CreateEllipticRgn

winspool.drv

EnumPrintersA
FindFirstPrinterChangeNotification
EnumJobsA
GetPrinterA
FindClosePrinterChangeNotification
ClosePrinter

comdlg32

ChooseColorA

shell32

CommandLineToArgvW

netapi32

NetShareGetInfo
NetApiBufferFree
NetWkstaUserGetInfo

psapi

GetProcessMemoryInfo

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

comctl32

ImageList_Create
ImageList_AddMasked

dxva2

GetMonitorBrightness

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddea2ddc19a79cb8c10ed5668ecad4cf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

shell32

netapi32

psapi

version

comctl32

dxva2

Sections

.text Size: 97KB - Virtual size: 97KB

.rdata Size: 126KB - Virtual size: 126KB

.data Size: 130KB - Virtual size: 139KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 97KB - Virtual size: 97KB

.rdata
Size: 126KB - Virtual size: 126KB

.data
Size: 130KB - Virtual size: 139KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 9KB - Virtual size: 9KB