NEAS[.]NEAS430c9a91923ca66b517dada3e4007310exe[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.NEAS430c9a91923ca66b517dada3e4007310exe.exe
Size

212KB
MD5

430c9a91923ca66b517dada3e4007310
SHA1

35026289bae3b2ed1220f632f5d7889ca1247fe9
SHA256

03fae6c48a132ab439785136d0828230d5b2d0f0bab46c07c486b99db10a5dfb
SHA512

decb07bf4e65c6fd6dd9a94f54d0686809a979843eceb5fed00320aed4c821f5b579e7a7424f9910176a282e11a751c8336e0157b2670baf3b344b2ed5f1f708
SSDEEP

3072:XXi+1IfIwFs7ZbxrAerbWu7s3BLbOyYkW8/1HSG9VRfqXlzcM8tKog8vCa30+Z:XXMwwW7Z1rAeXT8bOcdHd9yrpoBv8+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.NEAS430c9a91923ca66b517dada3e4007310exe.exe

Files

NEAS.NEAS430c9a91923ca66b517dada3e4007310exe.exe
.exe windows:4 windows x86

398b036aefb0145ed1ec7104382f5198

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
CreateNamedPipeA
GetModuleHandleA
QueryPerformanceCounter
CreateThread
EnumTimeFormatsA
SetCurrentDirectoryW
FindAtomW
GetFullPathNameA
CreateEventA
ExpandEnvironmentStringsA
EnumDateFormatsA
GetProcAddress
SetEvent
FindResourceW
GetStringTypeW
IsBadWritePtr
GlobalDeleteAtom
MultiByteToWideChar
ConnectNamedPipe
GetMailslotInfo
GetPriorityClass
FindAtomA
GetShortPathNameW
WinExec
lstrcmpA
IsBadStringPtrW
lstrcatA
GetVersionExA
GetLogicalDrives
GetExitCodeThread
WaitForMultipleObjects
lstrcmpW
lstrcmpiA
CreateMailslotA
GetFileTime
GetExitCodeProcess

user32

wvsprintfW
SetForegroundWindow
CascadeWindows
EnumWindows
SetDlgItemTextA
SetWindowLongA
SendMessageW
EnumDesktopsW
CharLowerW
UpdateLayeredWindow
wsprintfW
DialogBoxIndirectParamW
OpenClipboard
SetWindowPos
GetClassNameA
GetClassInfoExW
CheckMenuRadioItem
DestroyMenu
LoadImageA
GetMenuInfo
CheckRadioButton
GetMenuItemRect
LoadMenuA
EnumChildWindows
GetMenuItemInfoW
AppendMenuA
CreateAcceleratorTableA
LoadImageW
GetDCEx
DestroyCursor
IsIconic
UpdateWindow
GetTopWindow

gdi32

SelectClipRgn
CreateRoundRectRgn
SetMapMode
StretchDIBits
SetWindowExtEx
GetNearestPaletteIndex
SetTextJustification
GetPixel
GetEnhMetaFilePaletteEntries
SetArcDirection
OffsetWindowOrgEx
GetLogColorSpaceW
RestoreDC
InvertRgn
PlayEnhMetaFile

advapi32

RegCreateKeyExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteValueW

shlwapi

UrlCanonicalizeW
StrPBrkA
SHRegDeleteEmptyUSKeyA
ColorHLSToRGB
UrlIsW
StrSpnA
SHRegWriteUSValueW

setupapi

SetupDiSetClassInstallParamsA
CMP_GetServerSideDeviceInstallFlags
CM_Set_HW_Prof_FlagsW
SetupDiInstallDriverFiles
SetupDiCreateDeviceInterfaceW

oledlg

OleUIChangeIconA
OleUIObjectPropertiesA
OleUIBusyW
OleUIPasteSpecialA
OleUIPromptUserW
OleUIPromptUserA
OleUIPasteSpecialW
OleUIChangeSourceA
OleUIUpdateLinksA

crypt32

CryptCreateKeyIdentifierFromCSP
CertFindCertificateInStore
CryptMemFree
CertCompareCertificateName
CertGetValidUsages
CertFreeCRLContext
CryptDecryptAndVerifyMessageSignature
CryptFindOIDInfo
CertEnumCRLsInStore
CertVerifyCertificateChainPolicy
CryptMsgCountersignEncoded
CryptEncodeObject
I_CertSrvProtectFunction
I_CryptFlushLruCache
CertDuplicateCertificateContext

Sections

.PHTPjq
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.M
Size: 512B - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XeM
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pL
Size: 2KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ire
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DtwwV
Size: 2KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.K
Size: 4KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rZUbM
Size: 3KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NT
Size: 1024B - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

398b036aefb0145ed1ec7104382f5198

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

setupapi

oledlg

crypt32

Sections

.PHTPjq Size: 3KB - Virtual size: 3KB

.M Size: 512B - Virtual size: 237KB

.XeM Size: 8KB - Virtual size: 8KB

.pL Size: 2KB - Virtual size: 486KB

.Ire Size: 4KB - Virtual size: 5KB

.DtwwV Size: 2KB - Virtual size: 242KB

.K Size: 4KB - Virtual size: 116KB

.rZUbM Size: 3KB - Virtual size: 276KB

.data Size: 105KB - Virtual size: 169KB

.NT Size: 1024B - Virtual size: 403KB

.rsrc Size: 74KB - Virtual size: 74KB

.reloc Size: 1024B - Virtual size: 616B

.PHTPjq
Size: 3KB - Virtual size: 3KB

.M
Size: 512B - Virtual size: 237KB

.XeM
Size: 8KB - Virtual size: 8KB

.pL
Size: 2KB - Virtual size: 486KB

.Ire
Size: 4KB - Virtual size: 5KB

.DtwwV
Size: 2KB - Virtual size: 242KB

.K
Size: 4KB - Virtual size: 116KB

.rZUbM
Size: 3KB - Virtual size: 276KB

.data
Size: 105KB - Virtual size: 169KB

.NT
Size: 1024B - Virtual size: 403KB

.rsrc
Size: 74KB - Virtual size: 74KB

.reloc
Size: 1024B - Virtual size: 616B