NEAS[.]00972d63b18c9b3d580285eac7da0030[.]exe

General

Target

NEAS.00972d63b18c9b3d580285eac7da0030.exe
Size

112KB
MD5

00972d63b18c9b3d580285eac7da0030
SHA1

1ee39a59dfc268775978847b6780f9f55c5be5c4
SHA256

99aa0d77cf1eb683eaef71fccc1d3043d40ff2d4273318c74bc9730951ec2417
SHA512

7467b676993dcf457749957a6c7b910f04979b471194b7013aa880f6a19c60d02bae0826bd725cd9ac546f99919b434c16892898d23677c801e658d0e0cbf67c
SSDEEP

3072:bnxUaWjiWKp/Fd0khAPmXZNWYIazbj8MHPtPCceyp2yN:VDiitFd0kh0mXZNWFaPj8MXD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.00972d63b18c9b3d580285eac7da0030.exe

Files

NEAS.00972d63b18c9b3d580285eac7da0030.exe
.exe windows:4 windows x86

0bc81d124dd0e855d4b9f61f1e261410

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetProcAddress
LoadLibraryA
GetCurrentProcess
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
VirtualAlloc
LCMapStringA
HeapAlloc
LCMapStringW
WriteFile
RtlUnwind
HeapFree
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetACP
GetCPInfo
GetOEMCP
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
lstrcpyA
TerminateProcess
MultiByteToWideChar
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte

user32

CreateDialogParamA
SetActiveWindow
FindWindowA
RegisterClassA
SetForegroundWindow
BringWindowToTop
SetWindowPos
GetMessageA
SetFocus
CreateWindowExA
DispatchMessageA
IsDialogMessageA
TranslateMessage
PostQuitMessage
LoadStringA
SendMessageA
GetWindowLongA
DefWindowProcA
SetWindowLongA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0bc81d124dd0e855d4b9f61f1e261410

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 80KB - Virtual size: 80KB