NEAS[.]e5e2214532d413e16af848ce83e3f600[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e5e2214532d413e16af848ce83e3f600.exe
Size

747KB
MD5

e5e2214532d413e16af848ce83e3f600
SHA1

99408d3911ae6ec5aa1634ba594ca66c7bfc6c97
SHA256

55e5d9f3caeb10916129427a6a3887fa4a9da1da8a2375abae0acfa4f25ba4d5
SHA512

98b947354d5bdc17aa9386c1b655de00d3c8577370f1b67300a0c44094c1ed1d697f6f15ef35bd807a4c50c2a8ade00f4cc8b371f816c9aeaeceefbbfc650630
SSDEEP

12288:tTlqX/LWD77z/sKJj+aCLswfvl/KXSevcSI7ZzhBdOodh6:XCLg77z/sKJj+aCLskvFxbcSh6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e5e2214532d413e16af848ce83e3f600.exe

Files

NEAS.e5e2214532d413e16af848ce83e3f600.exe
.dll windows:6 windows x86

8f040f5cccbf7d6705b6dedf18bccc9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
VirtualQuery
VirtualProtect
GetSystemInfo
CreateFileW
SetFilePointerEx
HeapSize
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
WideCharToMultiByte
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
GetProcAddress
GetStringTypeW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetLastError
FreeLibrary
LoadLibraryExW
GetStdHandle
GetFileType
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetCurrentThread
WriteFile
OutputDebugStringA
OutputDebugStringW
CloseHandle
WaitForSingleObjectEx
CreateThread
SetConsoleCtrlHandler
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetProcessHeap
GetTimeZoneInformation
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
LoadLibraryExA

fptr10

libfptr_error_description
libfptr_error_code
libfptr_process_json
libfptr_fn_query_data
libfptr_report
libfptr_get_param_datetime
libfptr_get_param_str
libfptr_get_param_int
libfptr_set_param_str
libfptr_set_param_int
libfptr_is_opened
libfptr_close
libfptr_open
libfptr_get_settings
libfptr_destroy
libfptr_set_settings
libfptr_create

Exports

Exports

_register_node_atol_wrapper_

Sections

.text
Size: 601KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f040f5cccbf7d6705b6dedf18bccc9a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

fptr10

Exports

Exports

Sections

.text Size: 601KB - Virtual size: 600KB

.rdata Size: 99KB - Virtual size: 99KB

.data Size: 7KB - Virtual size: 13KB

.idata Size: 4KB - Virtual size: 3KB

.didat Size: 6KB - Virtual size: 6KB

.gfids Size: 3KB - Virtual size: 3KB

.00cfg Size: 512B - Virtual size: 260B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 601KB - Virtual size: 600KB

.rdata
Size: 99KB - Virtual size: 99KB

.data
Size: 7KB - Virtual size: 13KB

.idata
Size: 4KB - Virtual size: 3KB

.didat
Size: 6KB - Virtual size: 6KB

.gfids
Size: 3KB - Virtual size: 3KB

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 22KB - Virtual size: 21KB