NEAS[.]da1265ba81b1bf8b09ca07824d00dcb0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.da1265ba81b1bf8b09ca07824d00dcb0.exe
Size

393KB
MD5

da1265ba81b1bf8b09ca07824d00dcb0
SHA1

6a23aaf8594241378d77452e5ee0f6f84f6ef68c
SHA256

c232751f2ac47216b7e0f806aac275016a9cce62ce9372bdcfe5aaadcbff1ff2
SHA512

0885c1ee39608a2bb66587c7797319307ef5a42fbdab23706733d6bb52b2eda09d3f96b0892f42c98abf18a5e55fd23d9d32a9c7f84904cf4901849630bff2cc
SSDEEP

12288:ZWsTGmbkz3W2QRmFKKDSu5Jk4V/xZ5Ap:ZWAay6Djk2JZSp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.da1265ba81b1bf8b09ca07824d00dcb0.exe

Files

NEAS.da1265ba81b1bf8b09ca07824d00dcb0.exe
.exe windows:6 windows x86

9fa8bd3ea5b3564fdcd6ac0d395cea11

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
SysFreeString
SysStringLen

advapi32

OpenServiceA
ControlService
OpenSCManagerA
QueryServiceStatusEx
SetServiceStatus
StartServiceA
CreateServiceA
RegisterServiceCtrlHandlerA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegCloseKey
CloseServiceHandle
StartServiceCtrlDispatcherA
DeleteService
EnumDependentServicesW
OpenServiceW

ws2_32

htonl
select
WSAGetLastError
htons
shutdown
WSACleanup
ntohl
bind
socket
closesocket
send
listen
accept
WSAStartup
ntohs
recv

kernel32

ReadConsoleW
GetThreadPriority
UnregisterWait
CreateFileW
SignalObjectAndWait
GetCommandLineA
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
LoadLibraryW
RegisterWaitForSingleObject
GetNumaHighestNodeNumber
ChangeTimerQueueTimer
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
OutputDebugStringA
FormatMessageA
HeapAlloc
HeapFree
WaitForSingleObject
SetEvent
GetTickCount
GetProcessHeap
Sleep
CreateEventA
GetLastError
GetModuleFileNameA
CloseHandle
CreateThread
GetNativeSystemInfo
GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetVersionExA
CreateDirectoryA
FindFirstFileA
RemoveDirectoryA
SetFileAttributesA
FindClose
FindNextFileA
DeleteFileA
CreateProcessA
CreateFileA
WriteFile
ReadFile
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
DuplicateHandle
GetCurrentThread
GetExitCodeThread
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedExchange
GetSystemTimeAsFileTime
MultiByteToWideChar
GetStringTypeW
RaiseException
RtlUnwind
GetCPInfo
InitializeCriticalSectionAndSpinCount
TlsGetValue
CreateTimerQueueTimer
IsProcessorFeaturePresent
ExitThread
LoadLibraryExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CreateSemaphoreW
CreateTimerQueue
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
ExitProcess
GetModuleHandleExW
HeapSize
GetStdHandle
GetModuleFileNameW
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
HeapReAlloc
DeleteTimerQueueTimer
GetProcessAffinityMask
SetThreadAffinityMask
OutputDebugStringW
SwitchToThread
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
CreateEventW
SetThreadPriority
GetVersionExW
VirtualAlloc
VirtualFree

Sections

.text
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fa8bd3ea5b3564fdcd6ac0d395cea11

Headers

DLL Characteristics

File Characteristics

Imports

ole32

oleaut32

advapi32

ws2_32

kernel32

Sections

.text Size: 253KB - Virtual size: 253KB

.rdata Size: 65KB - Virtual size: 64KB

.data Size: 11KB - Virtual size: 28KB

.rsrc Size: 1024B - Virtual size: 648B

.reloc Size: 61KB - Virtual size: 61KB

.text
Size: 253KB - Virtual size: 253KB

.rdata
Size: 65KB - Virtual size: 64KB

.data
Size: 11KB - Virtual size: 28KB

.rsrc
Size: 1024B - Virtual size: 648B

.reloc
Size: 61KB - Virtual size: 61KB