NEAS[.]95518d23a64e88e1389403d133d40bc0[.]exe

General

Target

NEAS.95518d23a64e88e1389403d133d40bc0.exe
Size

36KB
MD5

95518d23a64e88e1389403d133d40bc0
SHA1

0f5bf7becf689648b00b7c10a24a678569c372c4
SHA256

14429817cbb9953180c64af1a5728e005b17303871c9a73658c4dbd2ec69d212
SHA512

c21a0cae9983267b0a5bdb984cedfaed588cf5e3021a84232c1ef36d745580a56815fcd0ab7e33a327ebd47f5cff7eb5fe895d1b4795e6f509a4f239460e24b6
SSDEEP

768:cLVpe+RIyVPIwYe7A0IW9+6IwYe7aYFdXDnCFAD:kVg2IyVPPYe7AM46PYe7aYFxOS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.95518d23a64e88e1389403d133d40bc0.exe

Files

NEAS.95518d23a64e88e1389403d133d40bc0.exe
.exe windows:4 windows x86

5454eaf264e4265dcda6c61e7288dd0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW
CompareStringW
GetModuleHandleW
GetFullPathNameW
GetStringTypeW
lstrcpynW
GetCurrentProcess
lstrcmpA
GetProcAddress
TlsGetValue
OpenMutexA
GetPrivateProfileSectionA
WaitForSingleObjectEx
FoldStringW
WriteConsoleA
GetPrivateProfileSectionA
HeapAlloc
FileTimeToSystemTime
InterlockedDecrement
CopyFileW
DeviceIoControl
ReplaceFileA
FindNextVolumeW
QueryDosDeviceA
GetSystemTime
SetEnvironmentVariableA
GetLocalTime
GetDiskFreeSpaceA
SearchPathA
IsValidCodePage
GetShortPathNameA
GetTickCount
GetVolumePathNameA
GetPrivateProfileSectionA
SetErrorMode
GetProcessHeap
FindFirstVolumeW

cryptdll

MD5Final
MD5Init
CDLocateRng
CDBuildVect
MD5Update

user32

GetClassInfoA
CharToOemA
GetMessageW
EnumDesktopsA
GetCaretPos
IsDialogMessageA
wsprintfA
DispatchMessageA
SetFocus
PostMessageW
DrawIcon
DrawTextA
LoadCursorA
CreateDesktopA
DialogBoxParamW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5454eaf264e4265dcda6c61e7288dd0a

Headers

File Characteristics

Imports

kernel32

cryptdll

user32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 10KB