NEAS[.]982d2f042151e232670286487e270bf0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.982d2f042151e232670286487e270bf0.exe
Size

2.1MB
MD5

982d2f042151e232670286487e270bf0
SHA1

e594350a8e4a9f8135c3f10884d4ada2bf018cc7
SHA256

b6f38f9ff66893f5880f6bfe0dd89e14a35003adf1d75bf7a1aea901eccd248b
SHA512

530b5e5683d1c64d2dd1d783c6ade7fa8b92093e260e1eba1e256b9a3359ed7ac99cb40122e05b89c4a3a3277d04107413884b0fe1ec49992219637e32f17684
SSDEEP

24576:qbCpJkYNLRdjuUdiGwV9/9zEsqjnhMgeiCl7G0nehbGZpbD:PpJTHluUdizVDzgDmg27RnWGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.982d2f042151e232670286487e270bf0.exe

Files

NEAS.982d2f042151e232670286487e270bf0.exe
.exe windows:5 windows x64

99a6da8f34a4dabb143ed12f865eac31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

user32

MessageBoxA
CharNextW
LoadStringW
MessageBoxW
GetWindowThreadProcessId
GetSystemMetrics
FindWindowW
CharUpperBuffW
CharUpperW
CharLowerBuffW

kernel32

Sleep
VirtualFree
VirtualAlloc
HeapFree
HeapAlloc
GetProcessHeap
lstrlenW
lstrcpynW
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetSystemInfo
GetVersion
CompareStringW
IsValidLocale
SetThreadLocale
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
GetACP
LoadLibraryExW
GetStartupInfoW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetCommandLineW
FreeLibrary
GetLastError
UnhandledExceptionFilter
RtlUnwindEx
RtlUnwind
RaiseException
ExitProcess
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FindFirstFileW
FindClose
WriteFile
GetStdHandle
CloseHandle
LoadLibraryA
TlsSetValue
TlsGetValue
LocalFree
LocalAlloc
WriteProcessMemory
WaitForSingleObject
VirtualQueryEx
VirtualProtect
VirtualFreeEx
VirtualAllocEx
TryEnterCriticalSection
TerminateThread
SwitchToThread
SetLastError
SetFilePointer
SetEvent
SetEndOfFile
ResetEvent
ReadFile
OutputDebugStringW
OpenProcess
HeapSize
HeapDestroy
HeapCreate
GetVersionExW
GetThreadLocale
GetTempPathW
GetLocalTime
GetFullPathNameW
GetFileAttributesW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentProcess
GetCPInfoExW
GetCPInfo
FormatMessageW
EnumSystemLocalesW
EnumCalendarInfoW
DeleteFileW
CreateRemoteThread
CreateFileW
CreateEventW

crypt32

CertFreeCertificateContext
CertGetNameStringA
CryptVerifyMessageSignature

imagehlp

ImageGetCertificateData
ImageGetCertificateHeader
ImageEnumerateCertificates

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 37KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 432B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 576KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

99a6da8f34a4dabb143ed12f865eac31

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

crypt32

imagehlp

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.data Size: 132KB - Virtual size: 132KB

.bss Size: - Virtual size: 37KB

.idata Size: 4KB - Virtual size: 4KB

.didata Size: 512B - Virtual size: 330B

.tls Size: - Virtual size: 432B

.rdata Size: 512B - Virtual size: 40B

.pdata Size: 79KB - Virtual size: 79KB

.rsrc Size: 576KB - Virtual size: 580KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 132KB - Virtual size: 132KB

.bss
Size: - Virtual size: 37KB

.idata
Size: 4KB - Virtual size: 4KB

.didata
Size: 512B - Virtual size: 330B

.tls
Size: - Virtual size: 432B

.rdata
Size: 512B - Virtual size: 40B

.pdata
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 576KB - Virtual size: 580KB