NEAS[.]f1f5e718e9c6ee6b5196a4df9ab06c80[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.f1f5e718e9c6ee6b5196a4df9ab06c80.exe
Size

716KB
MD5

f1f5e718e9c6ee6b5196a4df9ab06c80
SHA1

e0a38ff5276c2a147fb1a2701e4059bc0a00b1cc
SHA256

83b71a3aa171a790afeb6e00ed3ef7f05af3be2ff8c5c92e1911a953544eae18
SHA512

3861c2c5d23ec3b9efab18f21b3c2a33fd43361c09b6da652668afc360f3df7a006d5aa90c614309e421d4aee1b873f128394fc85de1f663723779fc12830fd3
SSDEEP

6144:BpfzcU/KGswND1u4PEJnguJ1+UV59L/A7xRcJYWB9rsPyZxXvqO7CM6W8tLkSlQ7:BpfAdGK4PEvJnmcJhbrsPGxyoCe9Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f1f5e718e9c6ee6b5196a4df9ab06c80.exe

Files

NEAS.f1f5e718e9c6ee6b5196a4df9ab06c80.exe
.exe windows:4 windows x86

a80e9887bb046819cd790682e3b6cbfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalFree
_lclose
_lread
OpenFile
lstrlenA
GlobalUnlock
GlobalLock
Sleep
ReadFile
SetFilePointer
CreateThread
CreateFileA
CloseHandle
WriteFile
CreateEventA
GlobalHandle
WaitForSingleObject
SetEvent
WaitForMultipleObjects
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetLastError
CreateDirectoryA
FreeEnvironmentStringsA
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
VirtualAlloc
IsBadWritePtr
HeapSize
GetTickCount
InterlockedIncrement
FlushFileBuffers
SetStdHandle
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentThreadId
InterlockedDecrement
ResetEvent
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentDirectoryA
FindClose
FindFirstFileA
GetFullPathNameA
GetDriveTypeA

user32

DispatchMessageA
WaitMessage
OffsetRect
IntersectRect
ReleaseDC
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
SetCursorPos
PostMessageA
ShowWindow
GetDC
wsprintfA
SendMessageA
PeekMessageA
DrawIcon
DestroyCursor
GetCursorPos
TranslateMessage
UpdateWindow
SetTimer
PostQuitMessage
KillTimer
SetCursor
GetAsyncKeyState
DefWindowProcA

gdi32

ExcludeClipRect
RemoveFontResourceA
AddFontResourceA
StretchDIBits
GetTextExtentPoint32A
DeleteObject
CreateFontIndirectA
SetBkMode
GetStockObject
TextOutA
SetBkColor
SetTextColor
SelectObject

ddraw

DirectDrawCreate

winmm

mmioGetInfo
mmioSeek
mmioAdvance
mmioSetInfo
mmioOpenA
mmioDescend
mmioRead
mmioAscend
timeGetTime
mmioClose

shell32

SHFileOperationA

dsound

ord1

mmximage

?mmxImage32PreAlpha@@YAXVCmmxImageContext@@HH@Z
?mmxImage32Copy@@YAXVCmmxImageContext@@0HH@Z
?mmxImage32CopyAlpha@@YAXVCmmxImageContext@@0HH@Z

cinmovm

_CinemaMovieSetSynchroOff@4
_CinemaMoviePlayNextFrame@16
_CinemaMovieInit@28
_CinemaMovieGetNumberOfFrames@4
_CinemaMovieClose@4

Sections

.text
Size: 620KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a80e9887bb046819cd790682e3b6cbfb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ddraw

winmm

shell32

dsound

mmximage

cinmovm

Sections

.text Size: 620KB - Virtual size: 619KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 72KB - Virtual size: 128KB

.rsrc Size: 4KB - Virtual size: 928B

.text
Size: 620KB - Virtual size: 619KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 72KB - Virtual size: 128KB

.rsrc
Size: 4KB - Virtual size: 928B