NEAS[.]64ecda19817b23ebc7c38bcf25657880[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.64ecda19817b23ebc7c38bcf25657880.exe
Size

45KB
MD5

64ecda19817b23ebc7c38bcf25657880
SHA1

4b496c38d252ef2bd4c967ae4c48a83372cb6074
SHA256

2722ddc597a083db6ec305068cd6ce9b9048018541afea052563707b9fafe4c1
SHA512

eac4904084cb23606b30e010f6b76da8ab6415585fc808e8f98af129b3a77465ecfdee3dc1ed3b70b885c8dded878a5c61b2da4f99f88c6c8772cb94d19a52ce
SSDEEP

768:adZnD05Keb/GowBFfkZSCO5DGe8lC2oXkpm9T6bjoEAK9Wv2wgEBHiiHyz7cA:6n1e6lZkZnO56S0UMBAK9E2y7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.64ecda19817b23ebc7c38bcf25657880.exe

Files

NEAS.64ecda19817b23ebc7c38bcf25657880.exe
.exe windows:5 windows x86

5305655c070246a5a956afc535d903b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
wcsstr
wcscat
_c_exit
_exit
_snprintf
_XcptFilter
free
_snwprintf
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStartupInfoA
QueryPerformanceCounter
GetModuleHandleA
GetWindowsDirectoryW
GetCommandLineW
GetLastError
FormatMessageA
LocalFree
GetTickCount
GetCurrentThreadId
UnhandledExceptionFilter

gdi32

DeleteObject

user32

SendMessageA
MessageBoxA
DialogBoxParamA
GetDlgItem
EndDialog
GetWindowRect
SetWindowPos

comctl32

ord17

shell32

ShellExecuteW

comdlg32

ChooseFontA

lua5.1a

lua_tointeger
lua_gettop
lua_getfield
lua_close
lua_settop
luaL_loadfile
luaL_openlibs
lua_gc
luaL_newstate
lua_pcall

wgx

WgxShellExecuteW
WgxSetFont
WgxGetLogFontStructureFromFile
WgxSaveLogFontStructureToFile
WgxSetIcon
WgxApplyResourceTable
WgxBuildResourceTable
WgxDestroyResourceTable

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5305655c070246a5a956afc535d903b1

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

comctl32

shell32

comdlg32

lua5.1a

wgx

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 37KB - Virtual size: 36KB

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 37KB - Virtual size: 36KB