NEAS[.]9475a59e349d920f0094b6383402e9f0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9475a59e349d920f0094b6383402e9f0.exe
Size

561KB
MD5

9475a59e349d920f0094b6383402e9f0
SHA1

9194a572f0192464cd17d4052e166bb17095d679
SHA256

081ee68f1a655a747bb219fac3b97d18967f259abd3bed379e0e8b6b6183f24b
SHA512

83f05227ebb1fb6859f5235123423da5888010de92ad91e10d3880ebdceef79b62f9d44e40d4501524101bbc7558c13b8d8a3f85dae60d4bbe9dc964164f7530
SSDEEP

6144:V8ZZDTsvtRxKJ95PcMyeu19JYpMchx3g8Vu1my4KT:2ZDTsVRoD5Pc9d19J8h7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9475a59e349d920f0094b6383402e9f0.exe

Files

NEAS.9475a59e349d920f0094b6383402e9f0.exe
.exe windows:4 windows x86

3771717b2cc16d22a9c9f2929be788ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA

comctl32

ImageList_Destroy
InitCommonControls

gdi32

SetTextAlign
GetDeviceCaps
GetViewportExtEx
IntersectClipRect
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
CreateDIBitmap
GetTextExtentPointA
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
SelectObject
DeleteDC
CreateBitmap
SetTextColor
GetClipBox
SetBkColor
CreateFontA
CreateCompatibleDC
GetViewportOrgEx
SetViewportOrgEx
CreateCompatibleBitmap
DeleteObject
GetStockObject
BitBlt
CreateSolidBrush
GetObjectA
GetTextExtentPoint32A

kernel32

HeapAlloc
HeapFree
TerminateProcess
HeapReAlloc
HeapSize
GetACP
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LockResource
GetCommandLineA
GetTimeZoneInformation
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetFileTime
CompareStringA
CompareStringW
ExitProcess
RtlUnwind
GetStartupInfoA
RaiseException
SetErrorMode
GetTickCount
SizeofResource
GetOEMCP
GetCPInfo
LocalReAlloc
GetProcessVersion
TlsGetValue
TlsFree
TlsSetValue
GlobalReAlloc
LocalAlloc
GlobalHandle
TlsAlloc
GlobalFlags
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetStdHandle
InterlockedDecrement
InterlockedIncrement
CreateMutexA
GetLastError
OpenFile
_lopen
_hread
_lclose
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetModuleHandleA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
FreeLibrary
GetSystemDirectoryA
LoadLibraryA
GetFileAttributesA
IsBadCodePtr
GetProfileStringA
lstrcmp
GetCurrentThread
IsBadReadPtr
IsBadWritePtr
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
DuplicateHandle
MulDiv
SetLastError
GetVersion
lstrcat
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpy
LockResource
FindResourceA
LoadResource
lstrcpyn
lstrcmpi
FormatMessageA
LocalFree
FileTimeToLocalFileTime
FileTimeToSystemTime
MultiByteToWideChar
WideCharToMultiByte
lstrlen
SetStdHandle
GetFileType
SetEnvironmentVariableA
GetProcAddress

oleaut32

VariantClear
VariantTimeToSystemTime
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
VariantChangeType
SysAllocStringByteLen
VariantCopy

olepro32

OleCreateFontIndirect

shell32

ShellExecuteA

user32

RegisterClipboardFormatA
PostThreadMessageA
InflateRect
GetSysColorBrush
LoadCursorA
GetDesktopWindow
GetClassNameA
DestroyMenu
MapDialogRect
SetWindowContextHelpId
GetMessageA
ValidateRect
GetCursorPos
PostQuitMessage
LoadStringA
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessage
PostMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
DestroyWindow
GetDlgItem
IsWindow
SetFocus
RegisterClipboardFormatA
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
IsWindowEnabled
GetSystemMenu
AppendMenuA
LoadIconA
IsIconic
GetSystemMetrics
DrawIcon
MessageBoxA
GetWindowRect
GetFocus
GetWindowLongA
PtInRect
RedrawWindow
SetCursor
InvalidateRect
UpdateWindow
FillRect
OffsetRect
GetSysColor
GetClientRect
GetKeyState
TranslateMessage
DispatchMessageA
EnableWindow
GetParent
SendMessageA
IsWindowVisible
GetMenuState
ExcludeUpdateRgn
DrawFocusRect
ShowCaret
IsWindowUnicode
HideCaret
UnregisterClassA
DefDlgProcA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA

ole32

StgCreateDocfileOnILockBytes
CoGetClassObject
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
CoRevokeClassObject
OleFlushClipboard
CoTaskMemFree

oledlg

OleUIBusyA

urlmon

CreateURLMoniker

Sections

.text
Size: 186KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

KuNgBiM
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LordFox
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JGLong
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3771717b2cc16d22a9c9f2929be788ee

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

oleaut32

olepro32

shell32

user32

winspool.drv

comdlg32

ole32

oledlg

urlmon

Sections

.text Size: 186KB - Virtual size: 188KB

.data Size: 47KB - Virtual size: 48KB

.rsrc Size: 19KB - Virtual size: 40KB

���� Size: 284KB - Virtual size: 284KB

KuNgBiM Size: 7KB - Virtual size: 8KB

LordFox Size: 12KB - Virtual size: 12KB

.JGLong Size: 1KB - Virtual size: 4KB

.text
Size: 186KB - Virtual size: 188KB

.data
Size: 47KB - Virtual size: 48KB

.rsrc
Size: 19KB - Virtual size: 40KB

��
Size: 284KB - Virtual size: 284KB

KuNgBiM
Size: 7KB - Virtual size: 8KB

LordFox
Size: 12KB - Virtual size: 12KB

.JGLong
Size: 1KB - Virtual size: 4KB