NEAS[.]c0951a1fcdf9c94f1fa99887db578970[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c0951a1fcdf9c94f1fa99887db578970.exe
Size

2.1MB
MD5

c0951a1fcdf9c94f1fa99887db578970
SHA1

3113d9f81b59520815eceac05f798a02904ec777
SHA256

3e3a6bc7bdf24b316a31eed7a2064a5d76272360ba0604150ebe59dd079ec7ba
SHA512

071542b82043c9010cf62878d16d5dfd4e5172118682e14ec2f6d3e5443cdfc15471f83399758a1d4db673319416cc96b67eb94aace6b96298a04e21459027b4
SSDEEP

24576:GSXTKlRtNiEmL28qpIPHzYJRZXKulmv+5RPhtfvO7cQGbq4p1JklaJsxriAq190q:nmtNxma8qaUfmmTPn3VQwqsJklBlUF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c0951a1fcdf9c94f1fa99887db578970.exe

Files

NEAS.c0951a1fcdf9c94f1fa99887db578970.exe
.dll windows:6 windows x86

a9f8c02f857e2178f806bdb85c3898ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

mmioGetInfo
mmioSetInfo
mmioAdvance
mmioSeek
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioClose

kernel32

GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetVersionExW
GetTickCount
LockResource
LoadResource
SizeofResource
FindResourceA
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalLock
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
GlobalFree
GlobalAlloc
FindClose
FindFirstFileA
FindNextFileA
OutputDebugStringA
GetLastError
GetModuleFileNameA
QueryPerformanceCounter
CreateThread
ResumeThread
SetThreadPriority
SetThreadAffinityMask
GetModuleHandleW
GetThreadPriority
GetCurrentThread
GetCurrentProcessorNumber
UnhandledExceptionFilter
IsDebuggerPresent
WaitForSingleObjectEx
FormatMessageA
GetThreadLocale
TryEnterCriticalSection
DeleteCriticalSection
DecodePointer
GetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetStringTypeW
GetCPInfo
RtlUnwind
RaiseException
LoadLibraryExW
GetModuleFileNameW
InterlockedPushEntrySList
InterlockedFlushSList
VirtualQuery
ReadFile
CreateFileW
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleHandleExW
HeapAlloc
HeapFree
HeapReAlloc
GetACP
GetStdHandle
SetFilePointerEx
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
FreeLibrary
ResetEvent
SetEvent
WaitForSingleObject
CloseHandle
CreateEventW
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcess
InitializeSListHead
TerminateProcess
LoadLibraryExA
EncodePointer
GetModuleHandleExA
FlushFileBuffers
HeapSize
SetLastError
LoadLibraryW
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
GetFileAttributesExW
SetFileAttributesW
VirtualProtect
VirtualFree
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SwitchToThread
SignalObjectAndWait
SetEndOfFile
WriteConsoleW
GetTimeZoneInformation
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
RemoveDirectoryW
DeleteFileW
CreateDirectoryW
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW

user32

ReleaseDC
CreatePopupMenu
SetMenuInfo
AppendMenuW
SetMenuItemInfoW
TrackPopupMenu
PeekMessageW
DestroyMenu
CallWindowProcW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetDC
GetFocus
GetKeyState
ReleaseCapture
GetUpdateRect
DefWindowProcW
EnableWindow
GetUpdateRgn
BeginPaint
EndPaint
SetFocus
SendMessageW
SetCursor
GetCursor
GetAsyncKeyState
GetCursorPos
MapWindowPoints
SetWindowPos
GetWindowRect
GetWindowLongW
SetTimer
GetClientRect
GetWindowInfo
GetParent
CreateWindowExW
wsprintfW
LoadCursorW
RegisterClassW
InvalidateRect
MessageBoxA
SetCapture
TrackMouseEvent
GetSystemMetrics
DestroyWindow
SetWindowLongW
UnregisterClassW
KillTimer

gdi32

SetPixelFormat
SwapBuffers
CreateDIBSection
SetTextColor
SetBkColor
CreateRectRgn
GetRegionData
CreateFontIndirectW
CreateSolidBrush
DeleteDC
CreateCompatibleDC
DeleteObject
ChoosePixelFormat

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW

shell32

DragQueryFileW
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream
DoDragDrop
RegisterDragDrop
OleInitialize
CoInitialize
CoCreateInstance
RevokeDragDrop
OleUninitialize
CoUninitialize

shlwapi

SHCreateStreamOnFileEx

gdiplus

GdipCreateSolidFill
GdipCreatePen1
GdipSetPixelOffsetMode
GdipSetPageUnit
GdipSetInterpolationMode
GdipDeletePen
GdipDeleteGraphics
GdipDeleteFont
GdipCloneBrush
GdipCloneImage
GdipGetPathWorldBounds
GdipIsVisiblePathPoint
GdipBitmapUnlockBits
GdipCreateBitmapFromStreamICM
GdipCreateHBITMAPFromBitmap
GdipBitmapLockBits
GdipCreateBitmapFromResource
GdipGetImageHeight
GdipGetImageWidth
GdipSetLineBlend
GdipCreateLineBrush
GdipGetPathLastPoint
GdipAddPathEllipse
GdipAddPathRectangle
GdipAddPathLine
GdipAddPathBezier
GdipStartPathFigure
GdipClosePathFigure
GdipRestoreGraphics
GdipSetPathFillMode
GdipDeleteMatrix
GdipTransformPath
GdipClonePath
GdipCreateMatrix2
GdipSaveGraphics
GdipSetPenColor
GdipSetSolidFillColor
GdipSetClipRect
GdipSetSmoothingMode
GdipSetPenWidth
GdipSetPenDashArray
GdipSetPenDashStyle
GdipSetPenDashOffset
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipDisposeImageAttributes
GdipDrawImageRectRectI
GdipCreateImageAttributes
GdipDrawEllipse
GdipFillEllipse
GdipDeletePath
GdipDrawPath
GdipFillPath
GdipAddPathArc
GdipCreatePath
GdipDrawRectangle
GdipFillRectangle
GdipDrawPolygon
GdipFillPolygon
GdipDrawLine
GdipTranslateWorldTransform
GdipCreateFromHWND
GdipCreateFromHDC
GdipMeasureString
GdipDrawString
GdipGetFontHeightGivenDPI
GdipGetDpiY
GdipSetTextRenderingHint
GdipGetLineSpacing
GdipGetCellDescent
GdipGetEmHeight
GdipGetFontSize
GdipGetCellAscent
GdipGetFamily
GdipGetImageGraphicsContext
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateBitmapFromScan0
GdipAlloc
GdiplusStartup
GdipDeleteBrush
GdipDisposeImage
GdipFree
GdiplusShutdown
GdipSetImageAttributesColorMatrix

opengl32

wglCreateContext
wglGetCurrentContext
wglDeleteContext
wglMakeCurrent

advapi32

SystemFunction036

Exports

Exports

createAudioPluginInstance

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 399KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9f8c02f857e2178f806bdb85c3898ca

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

shell32

ole32

shlwapi

gdiplus

opengl32

advapi32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.text1 Size: 25KB - Virtual size: 25KB

.rdata Size: 399KB - Virtual size: 398KB

.data Size: 59KB - Virtual size: 64KB

.data1 Size: 128KB - Virtual size: 128KB

.trace Size: 15KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 9B

.gfids Size: 3KB - Virtual size: 2KB

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 57KB - Virtual size: 57KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.text1
Size: 25KB - Virtual size: 25KB

.rdata
Size: 399KB - Virtual size: 398KB

.data
Size: 59KB - Virtual size: 64KB

.data1
Size: 128KB - Virtual size: 128KB

.trace
Size: 15KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 3KB - Virtual size: 2KB

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 57KB - Virtual size: 57KB