NEAS[.]72ae10e4d1fdcd97bf06426615245280[.]exe

General

Target

NEAS.72ae10e4d1fdcd97bf06426615245280.exe
Size

39KB
MD5

72ae10e4d1fdcd97bf06426615245280
SHA1

6bbbf01047694d2005704a693136c545ace89d4f
SHA256

6ed6be268f6d99bb99df31b513fa0e559247c3a46331662bcab1a00540fe9871
SHA512

33741c38aa3c7c3f59796363a259dc03548f90b16f6a021e58bc770bff6b6d2ff58c51a68cedb9eac4253383a8650283ab9b0ce776ce95424e50f91bc92f3d53
SSDEEP

768:CybDkdsqw8guzZFcWiVEaNMDcoWiVE6tu1MJXOs26nGMhKCzed:CGMG8tz3cFE4oFE6DzBKD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.72ae10e4d1fdcd97bf06426615245280.exe

Files

NEAS.72ae10e4d1fdcd97bf06426615245280.exe
.exe windows:4 windows x86

a727b18ce67d8ba3b9018a3c46701fad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dhcpsapi

DhcpCreateClass
DhcpDeleteClass

dciman32

DCIBeginAccess
DCICreateOverlay
DCICloseProvider
DCIEnum
DCIDestroy

kernel32

GetPrivateProfileSectionW
GetShortPathNameA
SetEnvironmentVariableA
GetTickCount
SetErrorMode
GetPrivateProfileSectionW
GetCurrentProcess
lstrcmpA
QueryDosDeviceA
CreateSemaphoreW
GetPrivateProfileSectionW
WriteConsoleW
CompareStringW
GetProcAddress
CreateEventW
SetEnvironmentVariableW
GetPrivateProfileSectionW
DeleteFileA
GetModuleHandleW
GetSystemTime
CreateDirectoryA
GetPrivateProfileSectionW
GetCurrentDirectoryW
GetDiskFreeSpaceW
CreateHardLinkA
GetEnvironmentVariableW
WaitForSingleObjectEx
GetLocalTime
TlsGetValue
GetVolumePathNameA

user32

LoadCursorA
IsDialogMessageA
GetCaretPos
GetClassInfoA
DrawIcon
CreateDesktopW
LoadImageA
CreateDialogParamW
CharToOemA
PeekMessageA
MessageBoxA
DrawTextA
wsprintfA

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a727b18ce67d8ba3b9018a3c46701fad

Headers

File Characteristics

Imports

dhcpsapi

dciman32

kernel32

user32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 11KB