NEAS[.]fcfb19694cdc09f4abc27ce2d13f7340[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.fcfb19694cdc09f4abc27ce2d13f7340.exe
Size

5.3MB
MD5

fcfb19694cdc09f4abc27ce2d13f7340
SHA1

b95b232eac6847f645d021e8aad6d7ed1cf32010
SHA256

55a3367d54454fd8cc358a5a40c0655b3be829e4cd7152c5b94d0ba210ff24c5
SHA512

54715214b85f8692ad031e4b5217ec037d28cdb3ebc0fb23a53f911b07d035c595eb2ee817756101d62bcb6901ec8d68c41c697d10555ad6695efe3a1efec1c2
SSDEEP

3072:kU50Vt37mEJtfq4zT6RcuILiSsYDGU6/TDonm58xPBfzWNt5vNAJE+qt1aSUq3Gj:OVtLmEJtNzZLiSpBnqyn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.fcfb19694cdc09f4abc27ce2d13f7340.exe

Files

NEAS.fcfb19694cdc09f4abc27ce2d13f7340.exe
.dll windows:4 windows x86

20a40488052f19ce052c753e744d452b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc40

ord2390
ord2255
ord3879
ord3459
ord542
ord504
ord3113
ord615
ord362
ord353
ord4952
ord604
ord2146
ord810
ord2109
ord3153
ord706
ord2145
ord5124
ord2082
ord3630
ord3784
ord423
ord2106
ord5125
ord1824
ord5207
ord762
ord2471
ord486
ord5467
ord3711
ord2264
ord3177
ord2134
ord5557
ord2514
ord1429
ord964
ord2130
ord2515
ord3620
ord3214
ord3227
ord5117
ord2149
ord1432
ord2154
ord532
ord1097
ord2072
ord5725
ord5765
ord2417
ord1753
ord3710
ord2261
ord3884
ord3162
ord606
ord5296
ord4096
ord721
ord570
ord2212
ord2293
ord433
ord3744
ord5492
ord509
ord4311
ord5506
ord1806
ord1089
ord1035
ord1021
ord817
ord2510
ord836
ord4931
ord2557
ord834
ord760
ord3656
ord483
ord2511
ord2693
ord1061
ord2683
ord1041
ord4817
ord5656
ord4826
ord5665
ord3262
ord715
ord500
ord3232
ord1838
ord5415
ord1839
ord1827
ord1848
ord3272
ord3804
ord2327
ord1449
ord2317
ord689
ord724
ord696
ord4681
ord3237
ord3906
ord2961
ord4704
ord1540
ord5363
ord4173
ord2707
ord3724
ord2065
ord2003
ord731
ord315
ord3259
ord4719
ord5053
ord4703
ord4715
ord4165
ord3579
ord2097
ord4713
ord2909
ord3431
ord4627
ord965
ord2234
ord5070
ord2197
ord3761
ord3963
ord5648
ord314
ord729
ord3112
ord2416
ord1425
ord1426
ord2115
ord5205
ord5121
ord3158
ord569
ord3185
ord5123
ord3110
ord279
ord2704
ord1014
ord1056
ord3762
ord2081
ord3134
ord2114
ord3907
ord711
ord671
ord733
ord269
ord1370
ord988
ord5681
ord1367
ord1046
ord328
ord1042
ord1369
ord1105
ord5360
ord2199
ord4450
ord4312
ord3859
ord4101
ord3580
ord2694
ord3340
ord3346
ord3345
ord2696
ord2620
ord2845
ord2744
ord3945
ord2843
ord2754
ord2617
ord4691
ord1850
ord2140
ord4677
ord1494
ord4510
ord3268
ord5649
ord1785
ord2323
ord3922
ord4296
ord3314
ord4694
ord3837
ord5647
ord4608
ord2086
ord4657
ord3890
ord1539
ord3578
ord1438
ord3858
ord1660
ord265
ord3786

msvcrt40

__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
abs
_ftol
_splitpath
_makepath
memcpy
_EH_prolog
__CxxFrameHandler
memset

kernel32

Sleep
LocalAlloc
GetVersion
HeapAlloc
GetProcessHeap
LocalFree
GetVersionExA
CopyFileA
HeapFree
IsDBCSLeadByte
EnterCriticalSection
GlobalFree
GetTempPathA
GetTempFileNameA
LeaveCriticalSection
FindClose
lstrcatA
FindFirstFileA
WriteFile
SetFileTime
MoveFileA
DeleteFileA
GetModuleFileNameA
lstrcmpiA
GetFileSize
CreateFileMappingA
CreateFileA
CloseHandle
FileTimeToLocalFileTime
MapViewOfFile
UnmapViewOfFile
lstrcmpA
FileTimeToSystemTime
lstrcpyA
LoadResource
lstrlenA
InitializeCriticalSection
FindResourceA
DeleteCriticalSection
GlobalAlloc
GetTickCount

user32

EmptyClipboard
GetDlgItemInt
SetDlgItemInt
DefWindowProcA
SetScrollRange
UnionRect
BeginPaint
EndPaint
GetCursor
GetKeyState
LoadBitmapA
GetCursorPos
ReleaseCapture
SetCapture
ClipCursor
SetCursor
GetScrollPos
SetClassLongA
SetTimer
SetRectEmpty
SetScrollPos
EnableScrollBar
ShowScrollBar
KillTimer
IsRectEmpty
PostMessageA
GetFocus
SetClipboardData
OpenClipboard
GetWindowTextA
MessageBoxA
SetFocus
SystemParametersInfoA
DialogBoxParamA
EndDialog
ScreenToClient
GetDC
ReleaseDC
CloseClipboard
CheckMenuItem
LoadIconA
LoadCursorA
GetClientRect
GetSystemMetrics
IntersectRect
wsprintfA
DrawTextA
GetPropA
CallWindowProcA
RemovePropA
DestroyWindow
CreateWindowExA
SetWindowLongA
SetPropA
TrackPopupMenu
DestroyMenu
IsWindow
GetClassLongA
SetWindowTextA
GetDlgItem
EnableMenuItem
FillRect
SetRect
ClientToScreen
PtInRect
GetParent
OffsetRect
InflateRect
GetWindowRect
LoadMenuA
GetSubMenu
CheckMenuRadioItem
InvalidateRect
EnableWindow
DrawFocusRect
CopyRect
GetSysColor
LoadStringA
SendMessageA

gdi32

CreateRoundRectRgn
CreateICA
SetBkMode
SetTextColor
SelectClipRgn
CreateSolidBrush
DeleteEnhMetaFile
EnumEnhMetaFile
GetEnhMetaFileHeader
SetEnhMetaFileBits
CreateFontIndirectA
GetTextMetricsA
MoveToEx
LineTo
DPtoLP
LPtoDP
GetClipBox
PlayEnhMetaFileRecord
SetWorldTransform
ExtTextOutA
GetTextExtentPoint32A
TextOutA
GetCurrentObject
GetWorldTransform
SetViewportOrgEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
GetMapMode
EndPage
StartPage
EndDoc
StartDocA
ResetDCA
CreateRectRgn
SetBitmapBits
GetBitmapBits
GetCharWidthA
GetObjectA
RoundRect
CreateRectRgnIndirect
CombineRgn
CreateFontA
CreateDCA
StretchBlt
CreatePen
DeleteObject
GetDeviceCaps
SelectObject
DeleteDC
CreateBitmap
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
PatBlt
GetStockObject

shell32

SHBrowseForFolder
SHGetPathFromIDList

comctl32

ImageList_Draw
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_GetImageCount

ole32

CoTaskMemFree

Exports

Exports

rpha_PrtPreview

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20a40488052f19ce052c753e744d452b

Headers

File Characteristics

Imports

mfc40

msvcrt40

kernel32

user32

gdi32

shell32

comctl32

ole32

Exports

Exports

Sections

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 5KB

.idata Size: 7KB - Virtual size: 6KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 5KB

.idata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 6KB - Virtual size: 6KB