NEAS[.]042751ae71561dd29acecde1ca341ca0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.042751ae71561dd29acecde1ca341ca0.exe
Size

339KB
MD5

042751ae71561dd29acecde1ca341ca0
SHA1

cb22ea843006889a1f70f3782827758dd47b7a7d
SHA256

1d93c5424957b6caa5f4d731f6130eb63b0b5952f72ad0d6af6c947b12ceb194
SHA512

cc129e94b2678c39bb0ce97c515dbf817448523c05e266bbe8b639391b734d4ba8e7acdef92b04642215415dcfc5cb7825d585c41411c29a37473c391b1bf46d
SSDEEP

6144:uVHv4NVHC8j8AVhDf6ne8TN3As7+yQlyUuTO1t7:uVHv+izAVhDf6nRTNDOSTet7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.042751ae71561dd29acecde1ca341ca0.exe

Files

NEAS.042751ae71561dd29acecde1ca341ca0.exe
.exe windows:4 windows x86

2c598eb4fb95341e11f76e3be1151c1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ExitThread
TerminateProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
LCMapStringA
HeapFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
SetStdHandle
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
HeapAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
FindResourceA
GlobalAddAtomA
GetProfileStringA
RaiseException
RtlUnwind
ExitProcess
GetStartupInfoW
GetTickCount
SizeofResource
WritePrivateProfileStringW
GetProcessVersion
GlobalFlags
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesW
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
FormatMessageW
LocalFree
LoadLibraryA
FreeLibrary
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleW
GlobalFree
LockResource
FindResourceW
LoadResource
MulDiv
GetModuleHandleA
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
CreateEventW
SuspendThread
GetCurrentThreadId
SetThreadPriority
ResumeThread
SetEvent
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalLock
GlobalUnlock
lstrcmpiW
GetThreadLocale
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
lstrcpyW
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
DuplicateHandle
SetLastError
lstrcpynW
GetPrivateProfileStringW
GetModuleFileNameW
GetPrivateProfileSectionNamesW
OutputDebugStringW
lstrlenW
DeleteFileW
CreateProcessW
GetLastError
LCMapStringW
WaitForSingleObject

user32

GetTopWindow
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
OffsetRect
IntersectRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
MapDialogRect
GetWindow
SetWindowContextHelpId
SetFocus
SetWindowPos
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
CopyRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
PostThreadMessageW
ClientToScreen
ScreenToClient
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
PostMessageW
SetDlgItemTextW
SendMessageW
LoadIconW
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
MessageBoxW
SetCursor
PostQuitMessage
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageW
GetCursorPos
RegisterClipboardFormatW
InvalidateRect
SetWindowsHookExW
GetWindowTextW
CharUpperW
wsprintfW
EnableWindow
IsWindowVisible
LoadImageW
ShowWindow
IsIconic
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
DrawIcon
GetClientRect
GetSystemMetrics
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableW
CharNextW
InflateRect
ModifyMenuW
DestroyMenu
GetSysColorBrush
LoadCursorW
GetDesktopWindow
PtInRect
GetClassNameW
LoadStringW
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetDC

gdi32

GetClipBox
IntersectClipRect
DeleteObject
GetDeviceCaps
ScaleWindowExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
PatBlt
GetObjectW
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkMode
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetViewportExtEx
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW

shell32

Shell_NotifyIconW
ShellExecuteW

comctl32

ord17

oledlg

OleUIBusyW

ole32

OleInitialize
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

VariantChangeType
SysAllocString
VariantCopy
VariantClear
SysFreeString
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen

wininet

HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetOpenUrlW
InternetOpenW

shlwapi

PathRemoveFileSpecW

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c598eb4fb95341e11f76e3be1151c1a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

shlwapi

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 124KB - Virtual size: 124KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 124KB - Virtual size: 124KB