NEAS[.]a76f22b31b5788dfba2ece783885a9c0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a76f22b31b5788dfba2ece783885a9c0.exe
Size

334KB
MD5

a76f22b31b5788dfba2ece783885a9c0
SHA1

0c1a38ecba71231432e8107786fb3516f56717a7
SHA256

f84b210870f263033bea80ec4f2e004a73fc23f6c52c7a77b494b569101a249a
SHA512

52c306651facba433fc5c61c4a4c5e75060f9c6a9646b7fda7796acfba74d0bcb97115d59b88bc5632bb35cd09420afc15a6e10580a528823e2d29db8f844dae
SSDEEP

6144:dwDeLfZ4pnZ7ej/yTznHnnnnnnnnnnnnnnnnnnnnnnnnnnnnBrKNFU:jf2nI/SnHnnnnnnnnnnnnnnnnnnnnnnh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a76f22b31b5788dfba2ece783885a9c0.exe

Files

NEAS.a76f22b31b5788dfba2ece783885a9c0.exe
.exe windows:5 windows x86

a336f79e47670c8ef4edfa68ec36052d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultUILanguage
GetTempPathW
GetSystemTime
GetSystemDirectoryW
GetSystemDefaultUILanguage
GetStartupInfoA
GetLocaleInfoW
GetLocalTime
GetFullPathNameW
GetFileAttributesW
GetFileAttributesExW
GetCurrentThreadId
GetCurrentProcess
GetCurrentDirectoryW
GetVersionExA
FreeLibrary
FormatMessageW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
DebugBreak
CreateProcessW
CreateFileW
CreateFileMappingW
CreateEventW
CreateDirectoryW
GetVersionExW
HeapSetInformation
InterlockedCompareExchange
InterlockedDecrement
LoadLibraryA
GetModuleHandleW
GetModuleHandleA
GetProcAddress
lstrcmpW
WriteFile
VerSetConditionMask
UnmapViewOfFile
TlsFree
TlsAlloc
TerminateProcess
SystemTimeToFileTime
Sleep
SetLastError
SetFilePointer
SetEvent
CompareStringW
SearchPathW
ReadFile
MultiByteToWideChar
MapViewOfFile
LockResource
LocalFree
GetACP
LocalAlloc

user32

LoadIconW
LoadImageW
LoadStringW
LockWindowUpdate
MapDialogRect
MapWindowPoints
MessageBoxW
ModifyMenuW
MonitorFromWindow
MoveWindow
OffsetRect
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassExW
RegisterClassW
ReleaseDC
ScreenToClient
SendDlgItemMessageW
SendMessageW
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetRect
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextW
ShowWindow
ShowWindowAsync
SystemParametersInfoA
SystemParametersInfoW
TranslateAcceleratorW
TranslateMessage
UnregisterClassA
UnregisterClassW
UpdateWindow
LoadCursorW
LoadAcceleratorsW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsDlgButtonChecked
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetSystemMetrics
GetSystemMenu
GetMonitorInfoW
GetMessageW
GetMenu
GetFocus
GetDlgItemTextW
GetDlgItem
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassInfoW
GetClassInfoExW
FillRect
EqualRect
EnumDisplayMonitors
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawIconEx
DrawIcon
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyIcon
DefWindowProcW
DefDlgProcW
CreateWindowExW
CreateMenu
CreateDialogParamW
CreateDialogIndirectParamW
CopyRect
CheckRadioButton
CheckDlgButton
CharUpperW
CharNextW
CharLowerW
BeginPaint
AppendMenuW
AllowSetForegroundWindow
AdjustWindowRectEx
AdjustWindowRect
IsIconic

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePalette
CreateRectRgn
CreateRectRgnIndirect
DeleteDC
DeleteObject
EqualRgn
GetClipBox
GetDCOrgEx
GetDIBColorTable
GetDeviceCaps
GetObjectW
GetStockObject
RealizePalette
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetRectRgn
SetTextColor
StretchBlt
TranslateCharsetInfo
UpdateColors
AbortDoc
CombineRgn

advapi32

RegCreateKeyExW
CredDeleteW
CredFree
CredGetSessionTypes
CredReadDomainCredentialsW
CredReadW
CredUnmarshalCredentialW
CredWriteDomainCredentialsW
CredWriteW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
GetUserNameA
RegCloseKey
RegCreateKeyExA
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
RegisterTraceGuidsW
TraceMessage
UnregisterTraceGuids
RegOpenKeyA

comctl32

ImageList_Create
ImageList_Destroy
ImageList_LoadImageW
ImageList_ReplaceIcon
InitCommonControlsEx

winmm

timeGetTime

msvcrt

_CIpow
__getmainargs
_cexit
_errno
_exit
_purecall
_vsnwprintf
_wcsicmp
_wcslwr
_wtoi
_wtol
calloc
iswdigit
iswspace
srand
time
toupper
towlower
wcspbrk
wcsrchr

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a336f79e47670c8ef4edfa68ec36052d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

winmm

msvcrt

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 215KB - Virtual size: 215KB

.data Size: 84KB - Virtual size: 84KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 215KB - Virtual size: 215KB

.data
Size: 84KB - Virtual size: 84KB

.rsrc
Size: 27KB - Virtual size: 27KB