NEAS[.]ab5a58f8a95a41a7c8f951cc6243b7e0[.]exe

General

Target

NEAS.ab5a58f8a95a41a7c8f951cc6243b7e0.exe
Size

48KB
MD5

ab5a58f8a95a41a7c8f951cc6243b7e0
SHA1

9c458b6aaec4bda77b5d6bc5f302776c2f26dc8b
SHA256

a879740f736944e4e06bd9b3f7468e2cb3541162d530b1280daab23337a577a9
SHA512

c1ed1558dbd87c97f4df02608c57cd50b6e1b800e9dd926fdca08d5bd1996f66e038b3ee24540aa511c03adf758b48866af0a9086d7f8715cb0290c8ab319fc4
SSDEEP

768:n57f4CTV3mtQcEwKLs89zN2USTk+UZTe8/OeRToD1R:n57QCTE4w8hN2UQk7w8P1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ab5a58f8a95a41a7c8f951cc6243b7e0.exe

Files

NEAS.ab5a58f8a95a41a7c8f951cc6243b7e0.exe
.exe windows:4 windows x86

4682c330561714b6c5ad47c151f24134

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOverlappedResult
DeviceIoControl
SetLastError
ResetEvent
GetModuleFileNameA
GetVersion
CreateFileA
CreateEventA
HeapFree
VirtualAlloc
HeapReAlloc
CompareStringW
CompareStringA
SetEnvironmentVariableA
LoadLibraryA
GetProcAddress
SetEndOfFile
GetACP
GetCPInfo
GetOEMCP
LCMapStringA
FlushFileBuffers
LCMapStringW
RtlUnwind
GetEnvironmentStringsW
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetLastError
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
CloseHandle
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetStdHandle
ReadFile
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
UnhandledExceptionFilter
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings

user32

DispatchMessageA
SetCursor
TranslateMessage
GetMessageA
PostQuitMessage
LoadCursorA
SetTimer
BeginPaint
UpdateWindow
KillTimer
EndPaint
DefWindowProcA
ShowWindow
RegisterClassA
CreateWindowExA

gdi32

GetStockObject

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4682c330561714b6c5ad47c151f24134

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 21KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 21KB