NEAS[.]02cf7b72a7bb174b733fd4e1688066b0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.02cf7b72a7bb174b733fd4e1688066b0.exe
Size

279KB
MD5

02cf7b72a7bb174b733fd4e1688066b0
SHA1

5ad342f843f1ac0f5a91bdbeee49e9667d9db95e
SHA256

a3ea5cd3e680a56700e4d1916164e2324b65b8a440ceef4c3db3ddb3b777be50
SHA512

5fca0c420b6a9ccf13cda28144e07090aae9d6d9a1c38375c667a5a3f965db2eafa9656c3be83d2f034a4f5eddb788c4b29b8b7a34244efbb8b1c31c6d9f7af9
SSDEEP

6144:BSIhOJAuwOYjPlGWPcKMvrHcSE9D9KVi5VfeK8nihVBZih:ULJ+Pl1M7c39pAgm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.02cf7b72a7bb174b733fd4e1688066b0.exe

Files

NEAS.02cf7b72a7bb174b733fd4e1688066b0.exe
.exe windows:5 windows x86

6a8de8772de38bd81eb16c604a66176c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

isalpha
strtol
strtoul
_strcmpi
strstr
strncpy
strchr
_stricmp
atoi
_fullpath
_except_handler3
strrchr
atol
tolower
_exit
_strnicmp
strncmp
??3@YAXPAX@Z
??2@YAPAXI@Z
remove
_itoa
toupper
isspace
_chdrive
_c_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
isdigit
memmove

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

kernel32

MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalLock
GetProfileStringA
GetSystemDefaultLangID
GlobalReAlloc
GlobalAlloc
GetTimeZoneInformation
FindClose
FindFirstFileA
GetFileInformationByHandle
_llseek
GetSystemDirectoryA
GetModuleHandleW
GetProfileIntA
CloseHandle
GetVersionExA
GetStartupInfoA
MapViewOfFile
CreateFileMappingA
GetCurrentThread
GetModuleFileNameA
IsValidLocale
GlobalSize
VirtualAlloc
VirtualFree
_lclose
_lcreat
_lwrite
_lread
GetLastError
_lopen
SetEndOfFile
SetFilePointer
DeleteFileA
FindNextFileA
GetTickCount
SetCurrentDirectoryA
CopyFileA
MoveFileA
SetFileAttributesA
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
ExpandEnvironmentStringsA
SearchPathA
GetPrivateProfileStringA
GetTempPathA
GetTempFileNameA
CreateDirectoryA
GetCurrentDirectoryA
GetSystemWindowsDirectoryA
GetWindowsDirectoryA
lstrcmpiA
GetFileAttributesA
GetModuleHandleA
SetErrorMode
LoadLibraryA
GetBinaryTypeA
FreeLibrary
Sleep
GetProcAddress
WinExec
GetUserDefaultLCID
CompareStringA
MulDiv
LocalSize
lstrcpynA
IsDBCSLeadByte
lstrcpyA
lstrlenA
LocalAlloc
LocalReAlloc
LocalFree
GetLocaleInfoA

gdi32

EnumFontFamiliesExA
GetTextAlign
SetTextAlign
GetTextColor
GetBkColor
Escape
SetAbortProc
StartDocA
EndDoc
CreateDCA
StartPage
EndPage
GetSystemPaletteEntries
CreatePen
IntersectClipRect
UnrealizeObject
SetBrushOrgEx
CreatePatternBrush
GetTextExtentPoint32A
CreateFontA
CreateRectRgn
SetRectRgn
CombineRgn
InvertRgn
PatBlt
ExtTextOutA
GetTextExtentPointW
GetTextExtentPointA
SetBkMode
TextOutW
TextOutA
GetTextCharset
GetTextMetricsA
MoveToEx
LineTo
Rectangle
GetStockObject
SetPixel
CreateCompatibleBitmap
GetTextFaceA
SetROP2
TranslateCharsetInfo
GetObjectA
DeleteObject
GetNearestColor
CreateCompatibleDC
SelectObject
SetTextColor
SetBkColor
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
PlayMetaFile
DeleteDC
CreateDiscardableBitmap
CreateSolidBrush
BitBlt
SetStretchBltMode
StretchBlt
CreateICA
GetDeviceCaps
CreatePalette
SaveDC
SetMapMode
SetWindowOrgEx
LPtoDP
RestoreDC
SetMetaFileBitsEx
CreateBitmap
SetDIBits
CreateDIBitmap
SelectPalette
RealizePalette
DeleteMetaFile
CreateFontIndirectA

user32

CheckDlgButton
EnumWindows
RegisterClassA
UnregisterClassA
DrawFocusRect
GetAsyncKeyState
ValidateRect
EnumChildWindows
GetWindowDC
CopyRect
CreateDialogParamA
IsDialogMessageA
ScrollWindow
SetScrollRange
GetScrollPos
SetScrollPos
ReleaseCapture
GetClassNameA
EnumThreadWindows
DialogBoxParamA
OffsetRect
KillTimer
GetFocus
PeekMessageA
GetSysColorBrush
BeginPaint
EndPaint
ChildWindowFromPoint
GetMessagePos
MonitorFromPoint
GetMonitorInfoA
SetWindowPos
SetCursor
ClientToScreen
FrameRect
InflateRect
SetCapture
SetMessageQueue
GetMessageA
TranslateAcceleratorA
wsprintfA
CallWindowProcA
PostMessageA
GetParent
GetClientRect
SetDlgItemTextA
GetWindowLongA
GetDlgItemTextA
GetWindowTextLengthA
IsWindowEnabled
EndDialog
SetWindowLongA
SetFocus
EnableWindow
IsClipboardFormatAvailable
GetDlgItem
SendDlgItemMessageA
CharNextA
CharPrevA
WinHelpA
CharLowerA
GetSysColor
InvertRect
SetRect
GetActiveWindow
IsWindow
FillRect
SetTimer
ShowWindow
IsWindowVisible
SetActiveWindow
InvalidateRect
SendMessageA
GetWindowRect
SetForegroundWindow
IsIconic
FindWindowA
CreatePopupMenu
AppendMenuA
GetKeyState
DrawMenuBar
GetMenu
DeleteMenu
EnableMenuItem
CheckMenuItem
DestroyWindow
SetWindowTextA
VkKeyScanA
GetWindow
GetSystemMetrics
TranslateMessage
IsDlgButtonChecked
MoveWindow
DestroyMenu
InsertMenuA
CreateMenu
GetWindowTextA
CreateWindowExA
TrackPopupMenu
GetCursorPos
GetMenuItemCount
GetSubMenu
SetMenu
LoadMenuA
LoadStringA
CharUpperA
GetDesktopWindow
MessageBoxA
LoadBitmapA
PtInRect
ShowScrollBar
InvalidateRgn
UpdateWindow
ReleaseDC
GetDC
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ScreenToClient
CharNextW
RegisterClassExA
LoadIconA
LoadImageA
IsRectEmpty
SetRectEmpty
SystemParametersInfoA
EqualRect
IsZoomed
RegisterWindowMessageA
SetProcessDefaultLayout
GetProcessDefaultLayout
LoadCursorA
LoadAcceleratorsA
PostQuitMessage
DefWindowProcA
DispatchMessageA

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

XOR
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6a8de8772de38bd81eb16c604a66176c

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

Sections

.text Size: 227KB - Virtual size: 226KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 44KB - Virtual size: 43KB

XOR Size: 2KB - Virtual size: 2KB

.text
Size: 227KB - Virtual size: 226KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 44KB - Virtual size: 43KB

XOR
Size: 2KB - Virtual size: 2KB