NEAS[.]97a322b91affabc1cf3bb6161ebdccf0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.97a322b91affabc1cf3bb6161ebdccf0.exe
Size

2.3MB
MD5

97a322b91affabc1cf3bb6161ebdccf0
SHA1

6badbdc91ac121fa07df1fd2de27d9151185b1f4
SHA256

898752d980e53a7251d49c57e9f253f16dc3bb8ead567230f3547f14b252cbe9
SHA512

10f8bf545acbaea37d68e10288b245066c507ef690e1b52dd9f2baeca3eb1d724f9c475671d2640ef460d9bb34f566cab09e528c636984d9caff6668f4873fe1
SSDEEP

49152:RB1BTAW0tsUkhQ8x/gD+JODh6+iGYtf/0JV/aqcth5tEk/fObRvOKBUi+I:NBTAW0t6xPJODottfEcqcth5+KfOb0I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.97a322b91affabc1cf3bb6161ebdccf0.exe

Files

NEAS.97a322b91affabc1cf3bb6161ebdccf0.exe
.exe windows:4 windows x86

9279640585e74487b355aa68feb4cadc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod
timeBeginPeriod
mciSendCommandA
mciGetErrorStringA
timeGetTime
timeGetDevCaps
timeKillEvent
timeSetEvent

kernel32

SetEndOfFile
RtlUnwind
HeapAlloc
HeapFree
TerminateProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetSystemTimeAsFileTime
RaiseException
CreateThread
ExitThread
HeapSize
HeapReAlloc
GetACP
HeapDestroy
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
SetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsAlloc
LocalAlloc
GlobalFlags
lstrcmpA
SetErrorMode
SetThreadPriority
LocalFree
GetLastError
lstrcpynA
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
OutputDebugStringA
GetFullPathNameA
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
SetLastError
GetCommandLineA
GetStartupInfoA
ExitProcess
GetTickCount
LoadLibraryA
FreeLibrary
GetVersionExA
UnhandledExceptionFilter
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
lstrcatA
SetFileAttributesA
GetTempFileNameA
DeleteFileA
GetFileAttributesA
GetTempPathA
GetModuleHandleA
GetProcAddress
GlobalReAlloc
GlobalAlloc
GlobalHandle
GlobalLock
GlobalUnlock
GlobalFree
SuspendThread
Sleep
EnterCriticalSection
LeaveCriticalSection
SetEvent
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
ResumeThread
GetShortPathNameA
CreateProcessA
WaitForSingleObject
CloseHandle
MultiByteToWideChar
HeapCreate
VirtualFree
GetDriveTypeA

user32

IsWindowVisible
GetFocus
GetSysColor
MapWindowPoints
SetFocus
SetWindowTextA
ShowWindow
IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
ValidateRect
GetActiveWindow
GetClassNameA
PtInRect
LoadCursorA
DestroyMenu
ModifyMenuA
GetTopWindow
WinHelpA
GetClassInfoA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
GetSysColorBrush
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindow
SetWindowLongA
IsIconic
GetWindowPlacement
GrayStringA
DrawTextA
TabbedTextOutA
ClientToScreen
CharNextA
PeekMessageA
SendMessageA
DialogBoxParamA
LoadIconA
SetForegroundWindow
RegisterWindowMessageA
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
SetCursor
DefWindowProcA
GetCursorPos
SystemParametersInfoA
IsWindow
GetForegroundWindow
SetCapture
GetCapture
ReleaseCapture
LoadStringA
AdjustWindowRectEx
GetSystemMetrics
SetWindowPos
BeginPaint
EndPaint
EndDialog
MessageBoxA
CopyRect
UpdateWindow
EnableWindow
GetParent
GetAsyncKeyState
GetClientRect
SetRect
GetWindowLongA
InvalidateRect
OffsetRect
GetDC
GetWindowRect
ReleaseDC
MsgWaitForMultipleObjects
PostMessageA
SetTimer
KillTimer
wsprintfA
SetWindowsHookExA
FindWindowA
RegisterClassA
CreateWindowExA

gdi32

SelectObject
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
StretchBlt
GetStockObject
CreateDIBSection
DeleteDC
StretchDIBits
SetBrushOrgEx
SetStretchBltMode
PatBlt
CreateDIBitmap
EnumFontFamiliesA
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
CreatePalette
RealizePalette
SelectPalette
GetClipBox
TextOutA
SetTextColor
GetCharABCWidthsA
SetTextAlign
SetBkMode
SaveDC
RestoreDC
SetBkColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
GetObjectA
CreateBitmap

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA

comctl32

ord17

ole32

CoCreateInstance
CoInitialize
CoUninitialize
StgOpenStorage
StgIsStorageFile

Exports

Exports

ScreenSaverConfigureDialog
ScreenSaverProc

Sections

.text
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IS_MMX_T
Size: 4KB - Virtual size: 46B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

QMAD_TEX
Size: 4KB - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9279640585e74487b355aa68feb4cadc

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

Exports

Exports

Sections

.text Size: 288KB - Virtual size: 287KB

IS_MMX_T Size: 4KB - Virtual size: 46B

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 52KB - Virtual size: 2.7MB

QMAD_TEX Size: 4KB - Virtual size: 165B

.rsrc Size: 104KB - Virtual size: 101KB

.text
Size: 288KB - Virtual size: 287KB

IS_MMX_T
Size: 4KB - Virtual size: 46B

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 52KB - Virtual size: 2.7MB

QMAD_TEX
Size: 4KB - Virtual size: 165B

.rsrc
Size: 104KB - Virtual size: 101KB