NEAS[.]b1745686e883bbd75586daa105e60410[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b1745686e883bbd75586daa105e60410.exe
Size

1.5MB
MD5

b1745686e883bbd75586daa105e60410
SHA1

7137edfbff9f5b4f13d36882870ce94ff09cb4d1
SHA256

5467c324f5e7cbeb77f55eead4d53e1d12ac1d430063b5927552c079cdc0d0b7
SHA512

2db5df85228b861fd36476980eace05e585ecba5adf02311762c6e3f60b5810c796d14a8b333340af4f8cd8dc286ef21f3b862ed5914aee75f0fec5242dc81c6
SSDEEP

24576:smbGBHWpY790o+doa9pmXGkIvwRFrRsTF8L9ec2BG:MadF9GGkIkrsTF8s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b1745686e883bbd75586daa105e60410.exe

Files

NEAS.b1745686e883bbd75586daa105e60410.exe
.exe windows:4 windows x86

4bf1c5a7089e6612c2dc25b1728db68c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
Beep
GlobalMemoryStatus
GetEnvironmentVariableA
GetSystemTime
Sleep
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVolumeInformationA
FindFirstFileA
CompareFileTime
FindNextFileA
FindClose
GetTempPathA
GetTempFileNameA
GetProfileStringA
lstrlenA
OutputDebugStringA
GetCurrentProcess
GetProcessTimes
GetLocalTime
SetLastError
GetLastError
FormatMessageA
LocalFree
GetCurrentDirectoryA
RemoveDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
MoveFileA
DeleteFileA
SetFilePointer
LockFileEx
LockFile
UnlockFileEx
UnlockFile
FlushFileBuffers
WriteFile
SetEndOfFile
ReadFile
CreateFileA
TerminateProcess
CreatePipe
SearchPathA
CloseHandle
GetStdHandle
GlobalGetAtomNameA
GlobalFindAtomA
FreeLibrary
GlobalAddAtomA
GlobalDeleteAtom
LoadLibraryA
GlobalFree
GlobalReAlloc
GlobalAlloc
GlobalLock
GetStartupInfoA
GetCommandLineA
GetTimeZoneInformation
GetSystemTimeAsFileTime
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetFileType
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
MultiByteToWideChar
LCMapStringW
RaiseException
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
GetStringTypeA
GetStringTypeW
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
HeapSize
CompareStringA
CompareStringW
SetEnvironmentVariableA
RtlUnwind
GlobalCompact
GlobalUnfix
GetDriveTypeA
QueryPerformanceFrequency
GetVersion
lstrcatA
_lclose
_hread
_lread
_llseek
_lopen
lstrcmpA
_hwrite
_lcreat
GetProfileIntA
GetPrivateProfileIntA
GetPrivateProfileStringA
WriteProfileStringA
WritePrivateProfileStringA
GetFullPathNameA
GlobalUnlock
GlobalFlags
GlobalSize
LockResource
GetProcAddress
LoadResource
FreeResource
FindResourceA
SetConsoleTitleA
AllocConsole
GetModuleHandleA
SetHandleCount
lstrcpyA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
GetModuleFileNameA
GetVersionExA
GetSystemDirectoryA
GetWindowsDirectoryA
WinExec

user32

GetKeyState
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
keybd_event
MapVirtualKeyA
MoveWindow
GetWindowRect
BringWindowToTop
GetParent
LoadIconA
DrawIcon
DestroyIcon
SetWindowPos
SendMessageA
GetWindowDC
CreateMenu
CreatePopupMenu
EnableMenuItem
CheckMenuItem
GetMenuItemCount
GetMenuItemID
GetSystemMenu
DestroyMenu
GetSubMenu
GetMenuStringA
GetMenuState
DrawMenuBar
HiliteMenuItem
LoadMenuA
AppendMenuA
SetMenu
ModifyMenuA
InsertMenuA
RemoveMenu
LoadBitmapA
FillRect
IsMenu
InvertRect
MapDialogRect
InvalidateRect
DrawFocusRect
FrameRect
UpdateWindow
GetClassNameA
CreateWindowExA
RegisterClassA
SetClassWord
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
SetParent
GetDesktopWindow
SetActiveWindow
SetCapture
GetCapture
GetDlgCtrlID
GetDCEx
GetWindow
MapWindowPoints
DestroyWindow
GetWindowThreadProcessId
GetWindowWord
ChildWindowFromPoint
DialogBoxParamA
DialogBoxIndirectParamA
EndDialog
CreateDialogParamA
CreateDialogIndirectParamA
SetPropA
GetPropA
GetDialogBaseUnits
DefFrameProcA
DefMDIChildProcA
PtInRect
MessageBeep
SetScrollRange
SetScrollPos
GetScrollRange
GetScrollPos
LoadStringA
GetCaretPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
HideCaret
CreateAcceleratorTableA
DestroyAcceleratorTable
LoadAcceleratorsA
RegisterWindowMessageA
DrawTextA
EndPaint
BeginPaint
KillTimer
SetTimer
IsWindowEnabled
EnableWindow
WindowFromPoint
IsWindowVisible
GetClassInfoA
FindWindowA
SetWindowWord
SetWindowLongA
CloseWindow
GetWindowLongA
IsZoomed
IsIconic
IsChild
GetDC
GetClientRect
ReleaseDC
ExitWindowsEx
GetNextDlgTabItem
GetDlgItem
ScreenToClient
ClientToScreen
ReleaseCapture
DrawTextExA
OemToCharA
CharToOemA
MessageBoxA
GetActiveWindow
WinHelpA
SetWindowsHookExA
CallNextHookEx
PostMessageA
SetCursor
CreateCursor
LoadCursorA
EmptyClipboard
SetClipboardData
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
GetSystemMetrics
TrackPopupMenu
WaitMessage
IsDialogMessageA
CallWindowProcA
DefWindowProcA
PeekMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
SetForegroundWindow
GetFocus
SetFocus
IsWindow
ShowWindow
PostQuitMessage
ShowCursor
SetCursorPos
GetCursorPos
DestroyCursor
GetSysColor

gdi32

GetStockObject
StretchBlt
CreateBitmapIndirect
BitBlt
GetObjectA
SelectObject
CreateCompatibleDC
SetTextColor
SetBkColor
GetPixel
CreateBitmap
CreateCompatibleBitmap
CreatePatternBrush
SetPixel
CreateDIBitmap
CreateHatchBrush
TextOutA
ExtTextOutA
SetTextAlign
GetTextAlign
SetTextJustification
SetBkMode
GetTextColor
GetBkColor
SetMapMode
GetMapMode
GetTextExtentPoint32A
GetTextMetricsA
CreateFontA
AddFontResourceA
RemoveFontResourceA
GetTextFaceA
EnumFontsA
GetDeviceCaps
Rectangle
CreateSolidBrush
UnrealizeObject
LineTo
MoveToEx
EnumFontFamiliesA
ResetDCA
Escape
EndPage
StartPage
EndDoc
StartDocA
CreateDCA
GetObjectType
DeleteObject
CreatePen
DeleteDC
Arc
Chord
Ellipse
FloodFill
ExtFloodFill
PolyPolygon
SetPolyFillMode
Pie
PatBlt
RealizePalette
SelectPalette
CreatePalette
SetStretchBltMode
CreateBrushIndirect
RoundRect
SetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
SaveDC
RestoreDC
SetWindowOrgEx
GetWindowOrgEx
GetViewportOrgEx
FrameRgn
SetROP2
CreateRectRgn
GetDIBits
SetDIBitsToDevice
StretchDIBits
SetMetaFileBitsEx
PlayMetaFile
GetMetaFileA
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
GetTextExtentPointA

winspool.drv

GetPrinterA
OpenPrinterA
EnumPrintersA
EndDocPrinter
EndPagePrinter
WritePrinter
StartPagePrinter
StartDocPrinterA
ClosePrinter

comdlg32

PrintDlgA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
FindTextA
CommDlgExtendedError
ChooseFontA

shell32

ExtractIconA
ShellAboutA
DragQueryFileA
DragQueryPoint
DragAcceptFiles

ole32

OleUninitialize
OleInitialize

Sections

.text
Size: 968KB - Virtual size: 966KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 340KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 200KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4bf1c5a7089e6612c2dc25b1728db68c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

shell32

ole32

Sections

.text Size: 968KB - Virtual size: 966KB

.rdata Size: 340KB - Virtual size: 337KB

.data Size: 200KB - Virtual size: 254KB

.text
Size: 968KB - Virtual size: 966KB

.rdata
Size: 340KB - Virtual size: 337KB

.data
Size: 200KB - Virtual size: 254KB