NEAS[.]9af8ff632200b7df12d2b986856d2a90[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9af8ff632200b7df12d2b986856d2a90.exe
Size

432KB
MD5

9af8ff632200b7df12d2b986856d2a90
SHA1

5b0c8f2a703b22406f4d195a555487635f3e5b88
SHA256

14760d86f8154a249bbb004981bc196e5dcbe75f5627ac38f3bdc1552b66b7f5
SHA512

dda7ba22c61d1d5f0e77a44867981c040a2c2e9d64e3149057730bd4b4fa2633def97bdd7daf5904bdc9a46236ab5e1da202e6c50ea63a5b1705bebd01be3f1d
SSDEEP

6144:AasV7gI6S/LzXgHUGbY8OZhshMxxxsNBtDqOKV3:tsV7HPlGbY8MIMLxegdV3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9af8ff632200b7df12d2b986856d2a90.exe

Files

NEAS.9af8ff632200b7df12d2b986856d2a90.exe
.exe windows:5 windows x86

0eee9518abf9d24544cc3196dc91fc0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
MultiByteToWideChar
GlobalUnlock
GlobalFree
GetLocalTime
GetCurrentThreadId
GetVersion
GlobalReAlloc
CreateThread
CreateFileA
GetProcessHeap
SetEndOfFile
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapReAlloc
VirtualAlloc
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
LCMapStringA
GetLocaleInfoA
GetLocaleInfoW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
GetTimeFormatW
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
HeapSize
LCMapStringW
RtlUnwind
RaiseException
HeapAlloc
HeapFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
GetStdHandle
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
InterlockedDecrement
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetFileAttributesW
ExitProcess
Sleep
TerminateThread
GlobalAlloc
WaitForSingleObject
GlobalLock
SystemTimeToFileTime
GetPrivateProfileSectionNamesW
GetDateFormatW
GetSystemTime
GetModuleHandleA
DeleteFileW
CloseHandle
lstrcmpiW
VerLanguageNameW
CreateFileW
ReadFile
GetVersionExW
WideCharToMultiByte
GetSystemDirectoryW
WriteFile
GetLogicalDriveStringsW
GetDriveTypeW
SetFilePointer
GlobalMemoryStatus
GetFileSize
GetPrivateProfileIntW
WritePrivateProfileStringW
GetModuleFileNameW
MulDiv
WritePrivateProfileStructW
GetPrivateProfileStructW
GetPrivateProfileStringW
GetModuleHandleW
GetProcAddress
SetLastError
GetLastError
LoadLibraryW
GetFileType
FreeLibrary

user32

DefWindowProcW
GetNextDlgTabItem
DestroyWindow
IsWindow
CloseClipboard
DestroyAcceleratorTable
SetTimer
TrackPopupMenu
ClientToScreen
GetWindowTextLengthW
MessageBoxA
SetWindowTextW
SetDlgItemTextW
GetDesktopWindow
FillRect
PostMessageW
KillTimer
GetSubMenu
DeleteMenu
GetParent
CallNextHookEx
IsWindowEnabled
GetClientRect
ModifyMenuW
LoadAcceleratorsW
GetMenu
AppendMenuW
GetClipboardData
GetWindowTextW
SetClassLongW
GetClassNameW
EnableMenuItem
EmptyClipboard
ChangeClipboardChain
RedrawWindow
GetSysColor
SetWindowPos
GetCursorPos
ShowWindow
CreatePopupMenu
GetSysColorBrush
LoadBitmapW
DrawMenuBar
CreateWindowExW
InsertMenuW
SetWindowsHookExW
OpenClipboard
UnhookWindowsHookEx
MessageBoxW
GetSystemMetrics
IsWindowVisible
UpdateWindow
SetClipboardData
DestroyMenu
SetClipboardViewer
SetMenuItemInfoW
LoadImageW
DrawIconEx
GetIconInfo
DestroyIcon
GetDlgItemInt
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
CallWindowProcW
SetFocus
LoadIconW
CheckDlgButton
IsDlgButtonChecked
SetWindowPlacement
SetCursor
ScreenToClient
GetWindowRect
SetCapture
GetFocus
LoadCursorW
GetWindowPlacement
GetDlgItem
EndDialog
ReleaseCapture
SendMessageW
EnableWindow
GetDlgCtrlID
GetMessagePos
DialogBoxParamW
GetWindowLongW
SetWindowLongW
GetDC
ReleaseDC
TranslateAcceleratorW

gdi32

CreateFontIndirectW
SelectPalette
DeleteObject
CreateSolidBrush
GetStockObject
EndDoc
StartDocW
GetObjectW
StretchDIBits
RealizePalette
ExtTextOutW
CreateCompatibleDC
SelectObject
SetBkColor
GetDIBits
DeleteDC
SetTextColor
StartPage
GetDeviceCaps
EndPage
GetTextMetricsW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseFontW
PrintDlgW

advapi32

RegOpenKeyExW
RegCloseKey
IsTextUnicode
RegOpenCurrentUser
RegQueryValueExW

shell32

ExtractIconW
SHGetSpecialFolderPathW
ShellExecuteW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

ImageList_Create
ImageList_Duplicate
ImageList_Destroy
ImageList_ReplaceIcon
InitCommonControlsEx

Sections

.text
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0eee9518abf9d24544cc3196dc91fc0b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

version

comctl32

Sections

.text Size: 265KB - Virtual size: 265KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 5KB - Virtual size: 127KB

.rsrc Size: 122KB - Virtual size: 122KB

.text
Size: 265KB - Virtual size: 265KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 5KB - Virtual size: 127KB

.rsrc
Size: 122KB - Virtual size: 122KB