Static task: static1
Behavioral task: behavioral1
Sample: NEAS.1a3fe0647b8a062a9595edea545b83b0.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: NEAS.1a3fe0647b8a062a9595edea545b83b0.exe
Resource: win10v2004-20231023-en
General
Target: NEAS.1a3fe0647b8a062a9595edea545b83b0.exe
Size: 4.2MB
MD5: 1a3fe0647b8a062a9595edea545b83b0
SHA1: 7ed32a68952f0c643809c4570cf6b4eb404e2237
SHA256: bef6b5ccfa5a12fb342251c66a7f6abf000d99e1fd77454c1922a8d7770cd2ec
SHA512: bdc0079d81f918e709aa3de2ba8dca3adbde595c6bbe49b3ccc7f07933a69a2239e44cb1ee431d132caf78e1665a1bc21d98c5e92dfc13d2f00432d76491893c
SSDEEP: 49152:cxoJH05bRH2pcwNA6PCFjEUV7FXJNdnpVmxuyPBE3bVTF/qFdwU3od35hqiK:YoibbAqFbdnHZy4xF/Sd73a35hqi
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: NEAS.1a3fe0647b8a062a9595edea545b83b0.exe
Files
NEAS.1a3fe0647b8a062a9595edea545b83b0.exe.exe windows:6 windows x64
d827bde1197639bc7134b9439be28c66
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
dtcommonres
?ShowConvertImagesDialog@@YAXPEAUIDaemonProEngine@@PEAUHWND__@@PEA_WHPEAVIAttachedProgress@@@Z
?ShowBurnImageDialog@@YAXPEAUIDaemonProEngine@@PEAUHWND__@@PEA_WHPEAVIAttachedProgress@@2PEAX@Z
?SelectImageCatalogFolder@@YAHPEAUHWND__@@PEAUIDaemonProEngine@@PEAUITreeItems@@PEAPEAU3@@Z
CheckSPTDInstallation
?ShowDeviceParameters@@YAHPEAUHWND__@@PEAUTDeviceParametersDlg@@PEAX@Z
?ShowDeviceInfo@@YAXPEAUHWND__@@PEAUIPhysicalDevice@@PEAUIDeviceInfo@@@Z
?EditBox@@YAHPEAUHWND__@@PEB_W1PEA_WK2H@Z
?TCEditBox@@YAHPEAUHWND__@@PEB_W1PEA_WKPEAPEA_W2H@Z
kernel32
WinExec
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetACP
ExitProcess
MultiByteToWideChar
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
HeapQueryInformation
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
RtlUnwindEx
RtlPcToFileHeader
GetCPInfo
LCMapStringW
GetStringTypeW
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
SetThreadPriority
GlobalUnlock
CompareStringW
GetLocaleInfoW
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
GetFileSize
GetFullPathNameW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiW
lstrcpyW
GetWindowsDirectoryW
GetProfileIntW
SearchPathW
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
lstrcmpA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetErrorMode
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
CreateThread
CloseHandle
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
FindResourceExW
CreateEventW
SetEvent
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
CreateFileW
WriteFile
InitializeCriticalSection
DeleteCriticalSection
GetLastError
Sleep
LoadLibraryW
GetProcAddress
CreateMutexW
GetCurrentDirectoryW
SetCurrentDirectoryW
TerminateThread
RaiseException
InitializeCriticalSectionEx
FindFirstFileW
lstrlenW
GetCurrentThreadId
CreateNamedPipeW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetCurrentProcessId
ConnectNamedPipe
ReadFile
DisconnectNamedPipe
FreeLibrary
GetModuleHandleW
GetCommandLineW
FlushFileBuffers
GetCurrentProcess
GetCurrentThread
LocalFree
DecodePointer
LoadLibraryExW
lstrlenA
GetPrivateProfileStringW
WritePrivateProfileStringW
VerSetConditionMask
CreateDirectoryW
FindClose
FindNextFileW
GetFileAttributesW
GetFileSizeEx
GetVolumeInformationW
InitializeCriticalSectionAndSpinCount
GetSystemInfo
GetSystemTimeAsFileTime
GetVersionExW
GlobalAlloc
GlobalLock
GlobalFree
FormatMessageW
MoveFileExW
VerifyVersionInfoW
GetLocaleInfoA
GetUserDefaultLCID
GetTickCount
MulDiv
GetThreadTimes
ResumeThread
FreeResource
ResetEvent
GetTempPathW
GetTempFileNameW
GetSystemTime
SystemTimeToFileTime
DeleteAtom
GlobalAddAtomW
GlobalSize
CopyFileW
SetLastError
OutputDebugStringA
EncodePointer
GetSystemDirectoryW
GetModuleHandleExW
GlobalDeleteAtom
lstrcmpW
GlobalFindAtomW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileTime
GlobalGetAtomNameW
user32
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
CopyIcon
SetCursorPos
BringWindowToTop
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
SetParent
SetWindowRgn
SetClassLongPtrW
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextW
MapVirtualKeyW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
IsRectEmpty
WindowFromPoint
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
DeleteMenu
ShowOwnedPopups
TrackMouseEvent
IntersectRect
CharUpperW
MapDialogRect
RealChildWindowFromPoint
PostQuitMessage
TranslateMessage
GetMessageW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
GetMenuItemInfoW
DestroyMenu
GetWindowThreadProcessId
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
GetDesktopWindow
GetKeyboardLayout
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
IsDialogMessageW
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetLastActivePopup
GetTopWindow
UnregisterClassW
RegisterWindowMessageW
EnableWindow
GetAsyncKeyState
GetDlgCtrlID
GetClassNameW
GetClassLongPtrW
EqualRect
MapWindowPoints
AdjustWindowRectEx
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetMessageTime
GetMessagePos
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
PeekMessageW
DispatchMessageW
CreateMenu
GetWindowRgn
DestroyCursor
GetNextDlgTabItem
MessageBoxW
GetFocus
SendMessageW
GetActiveWindow
CallNextHookEx
GetDlgItem
GetWindowRect
GetParent
SetWindowsHookExW
UnhookWindowsHookEx
GetWindowLongPtrW
SetWindowLongPtrW
SetForegroundWindow
EndDialog
GetClientRect
BeginPaint
FrameRect
GetSysColorBrush
EndPaint
DialogBoxParamW
SetWindowTextW
ShowWindow
CreateWindowExW
GetIconInfo
ScreenToClient
MoveWindow
PostMessageW
GetDC
IsWindowVisible
ReleaseDC
SetWindowPos
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
IsCharAlphaNumericW
GetSystemMetrics
DrawTextW
GetWindowTextW
DestroyIcon
LoadImageW
SetRect
FillRect
GetSysColor
CopyRect
GetSystemMenu
EnableMenuItem
SetDlgItemTextW
GetCursorPos
SystemParametersInfoW
LoadCursorW
LoadBitmapW
RedrawWindow
DestroyWindow
GetDlgItemTextW
IsWindowEnabled
DefWindowProcW
CallWindowProcW
DrawIconEx
InvalidateRect
GetWindowTextLengthW
DrawFocusRect
InflateRect
KillTimer
MonitorFromWindow
GetMonitorInfoW
GetDialogBaseUnits
DialogBoxIndirectParamW
LoadIconW
MessageBeep
IsWindow
CheckDlgButton
SetTimer
SetFocus
UpdateWindow
SetWindowLongW
GetWindowLongW
AdjustWindowRect
ClientToScreen
ReleaseCapture
PtInRect
SetCursor
SetCapture
SetPropW
RemovePropW
GetPropW
RegisterClassExW
GetMenuStringW
LoadMenuW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
gdi32
GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetCurrentObject
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
CombineRgn
GetTextMetricsW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
SetTextJustification
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
CopyMetaFileW
CreatePen
CreateDCW
GetStockObject
RoundRect
SetBkMode
SetTextColor
SetBkColor
ExtTextOutW
StretchBlt
CreateFontIndirectW
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateSolidBrush
DeleteDC
CreateDIBSection
GetDeviceCaps
GetTextExtentPoint32W
SelectObject
DeleteObject
GetObjectW
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetOpenFileNameW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
CheckTokenMembership
GetTokenInformation
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SystemFunction036
OpenProcessToken
RegQueryValueW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW
SetSecurityDescriptorSacl
shell32
SHGetPathFromIDListW
DragQueryFileW
ShellExecuteExW
ord190
SHCreateShellItem
ord155
SHAppBarMessage
DragFinish
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteW
SHGetFileInfoW
DuplicateIcon
ord680
SHGetFolderPathW
comctl32
_TrackMouseEvent
shlwapi
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathFileExistsW
StrFormatKBSizeW
uxtheme
GetWindowTheme
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetThemePartSize
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
OleSetContainedObject
CreateStreamOnHGlobal
CoInitializeEx
CoTaskMemFree
CLSIDFromString
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoInitialize
StringFromGUID2
CoCreateGuid
CoGetClassObject
oleaut32
LoadTypeLi
SysAllocStringByteLen
SysStringByteLen
OleLoadPicture
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
VariantInit
VariantClear
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
LoadRegTypeLi
VariantCopy
VarBstrFromDate
VarBstrCmp
SysStringLen
SysAllocString
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCreateFromHDC
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
mpr
WNetAddConnection3W
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 777KB - Virtual size: 777KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 380B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 648KB - Virtual size: 648KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 628KB - Virtual size: 632KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE