NEAS[.]005e4c6bcf4f307208a3a96438790d40[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.005e4c6bcf4f307208a3a96438790d40.exe
Size

212KB
MD5

005e4c6bcf4f307208a3a96438790d40
SHA1

1c153349e3e7bd409f685266faf8645044ec0018
SHA256

d3f60c9d76ef9fbd6c648fe89612853514233c15e7fe35077bcd2b956ad75e4b
SHA512

29376abe9e4ff8c69b477127814d73f80cda0e3430c188c36bfdbc70d1faec88b76087bf926c6b452893bfd3d4109c64b2464fcd92c42555400f5587bfa56243
SSDEEP

3072:GE5COzDVjEPR6KEZ86nFAmi7gCoPiDqXl/c2V6SDADeak7dJHB/AW:GE51JjEP4ZnFAmi7Pq9WSsQLH5AW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.005e4c6bcf4f307208a3a96438790d40.exe

Files

NEAS.005e4c6bcf4f307208a3a96438790d40.exe
.exe windows:4 windows x86

50cd8e580679d7f5c5947448b48eab42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutOpen
waveOutPrepareHeader
waveOutClose
waveOutUnprepareHeader
waveInAddBuffer
mixerGetLineInfoA
waveInClose
waveInGetErrorTextA
waveInReset
waveInPrepareHeader
waveInStart
mixerGetLineControlsA
mixerGetControlDetailsA
waveOutWrite
waveInOpen
mixerGetDevCapsA
mixerOpen
mixerSetControlDetails
mixerClose

kernel32

RtlUnwind
ExitProcess
TerminateProcess
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
RaiseException
HeapReAlloc
HeapSize
GetACP
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
GetOEMCP
SetErrorMode
GetProcessVersion
GetCPInfo
SizeofResource
WritePrivateProfileStringA
TlsGetValue
GlobalFlags
GlobalReAlloc
LocalReAlloc
TlsSetValue
TlsAlloc
TlsFree
GlobalHandle
lstrcpynA
LocalFree
LocalAlloc
SetLastError
GetLastError
MulDiv
GlobalGetAtomNameA
GetVersion
lstrcatA
lstrcpyA
GlobalAddAtomA
GlobalFindAtomA
GlobalFree
GetModuleHandleA
GlobalUnlock
LoadResource
LockResource
GetProfileStringA
FindResourceA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GetModuleFileNameA
lstrcmpA
GlobalAlloc
GlobalDeleteAtom
GetCurrentThreadId
lstrcmpiA
GetCurrentThread
CreateThread
SetEvent
CloseHandle
Sleep
SetThreadPriority
WaitForMultipleObjects
EnterCriticalSection
GetTickCount
OutputDebugStringA
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
WaitForSingleObject
CreateEventA
SetHandleCount
GetStdHandle
FreeLibrary
LoadLibraryA

user32

ScreenToClient
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
ClientToScreen
GetTopWindow
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
BeginPaint
GetClassNameA
PtInRect
GetSysColorBrush
InflateRect
DestroyMenu
InvalidateRect
RegisterClassA
GetMenu
GetMenuItemCount
GetWindowDC
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
GetCapture
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
GetDC
ReleaseDC
UnhookWindowsHookEx
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
LoadStringA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
LoadIconA
MessageBoxA
wsprintfA
WinHelpA
GetSubMenu
GetClassInfoA
GetMenuItemID
EndDialog
LoadBitmapA
GetMenuCheckMarkDimensions
IntersectRect
CharNextA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
IsWindowUnicode
DefDlgProcA

gdi32

GetTextExtentPointA
CreateCompatibleDC
CreateBitmap
PatBlt
DeleteObject
GetClipBox
SetBkColor
GetObjectA
SetTextColor
SaveDC
DeleteDC
SelectObject
GetStockObject
RestoreDC
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
IntersectClipRect
BitBlt
CreateDIBitmap
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

Exports

Exports

CreateInterface

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50cd8e580679d7f5c5947448b48eab42

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 16KB - Virtual size: 31KB

.rsrc Size: 72KB - Virtual size: 69KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 16KB - Virtual size: 31KB

.rsrc
Size: 72KB - Virtual size: 69KB