NEAS[.]2a8fd22a022d3e3a681c1d363ee837d0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2a8fd22a022d3e3a681c1d363ee837d0.exe
Size

556KB
MD5

2a8fd22a022d3e3a681c1d363ee837d0
SHA1

22ce4fcc649f53e4aba0d2458ca1eff19b3f1eef
SHA256

e395cae07c164a0c932f40d50d8c9c80aded047fc9a98c5c945298772cc2198f
SHA512

4e1478060432d700e87bb62dd1d7e2fa3f7955dd31fe8267c6a4632347ff5175d0d5de17c5c37bb95a9e05a2a9fa905e1b87fccf98f722c91703631c997911b7
SSDEEP

12288:s1/ezKFKjBbAXPKpm+wdFvhAGN1segggg0GCm2:y/+KYqXCk+wd9hiegggg0Gv2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2a8fd22a022d3e3a681c1d363ee837d0.exe

Files

NEAS.2a8fd22a022d3e3a681c1d363ee837d0.exe
.exe windows:4 windows x86

2e615a647c819a6eea35423a73182742

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExA
GetModuleBaseNameA

kernel32

WriteFile
SetFilePointer
FlushFileBuffers
CreateFileA
SetErrorMode
HeapReAlloc
VirtualAlloc
RtlUnwind
GetCommandLineA
GetStartupInfoA
RaiseException
ExitProcess
HeapSize
VirtualFree
HeapDestroy
HeapCreate
ReadFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
WritePrivateProfileStringA
GetThreadLocale
GetOEMCP
GetCPInfo
GlobalFlags
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GetCurrentProcessId
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpW
FreeResource
InterlockedDecrement
GetModuleFileNameW
OpenEventA
GetFullPathNameA
CreateEventA
ResetEvent
SetEvent
GetUserDefaultLangID
GetModuleFileNameA
GlobalFindAtomA
GlobalAddAtomA
FormatMessageA
LocalFree
GlobalUnlock
GlobalFree
GlobalDeleteAtom
GlobalAlloc
GlobalLock
lstrcpyA
MulDiv
CreateMutexA
ReleaseMutex
GetProcessHeap
HeapAlloc
HeapFree
CreateThread
ExitThread
GetSystemInfo
ExpandEnvironmentStringsA
Sleep
CreateProcessA
TerminateThread
WaitForSingleObject
GetCurrentProcess
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenProcess
CloseHandle
GetVersionExA
FreeLibrary
GetTickCount
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
WinExec
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenA
CompareStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GetStdHandle

user32

LoadMenuA
ReuseDDElParam
UnpackDDElParam
SetRect
IsRectEmpty
DeleteMenu
GetSystemMenu
SetParent
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
ShowOwnedPopups
GetSysColorBrush
UnregisterClassA
GetDCEx
LockWindowUpdate
DrawTextA
TabbedTextOutA
FillRect
WindowFromPoint
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetKeyState
LoadAcceleratorsA
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
EqualRect
DeferWindowPos
PtInRect
DefWindowProcA
CallWindowProcA
SetWindowPos
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
UnhookWindowsHookEx
GetMenuState
LoadImageA
ReleaseDC
EndDialog
SetWindowTextA
RegisterHotKey
UnregisterHotKey
IntersectRect
IsIconic
GetWindowPlacement
DrawIconEx
GetSubMenu
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
AppendMenuA
DrawEdge
InflateRect
CopyRect
WinHelpA
SendMessageA
LoadIconA
EnableWindow
InsertMenuItemA
SetMenu
TranslateAcceleratorA
UpdateWindow
GetForegroundWindow
GetAsyncKeyState
RegisterWindowMessageA
keybd_event
ChangeDisplaySettingsExA
SetTimer
SystemParametersInfoA
GetSysColor
EnumWindows
GetWindow
FindWindowA
DestroyIcon
KillTimer
FindWindowExA
EnumChildWindows
GetClassInfoA
IsWindow
InvalidateRect
SetRectEmpty
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
LoadStringA
GetDlgCtrlID
GetWindowRect
ScreenToClient
SetCapture
GetDesktopWindow
SetForegroundWindow
GetClassLongA
GetDlgItem
ShowCursor
SetCursor
GetCursorPos
LoadCursorA
GetParent
GetWindowThreadProcessId
SendMessageTimeoutA
GetDC
PostMessageA
CreatePopupMenu
LoadBitmapA
EnumDisplaySettingsA
MessageBoxA
OffsetRect
GetFocus
GetClassNameA
IsWindowVisible
ShowWindow
MessageBeep
ReleaseCapture
BringWindowToTop
GetWindowLongA
SetWindowLongA
GetDoubleClickTime
GetSystemMetrics
GetWindowTextA
AdjustWindowRectEx

gdi32

SetWindowExtEx
ScaleWindowExtEx
CreatePatternBrush
GetStockObject
CreatePen
CreateSolidBrush
GetTextExtentPoint32A
GetCharWidthA
StretchDIBits
GetBkColor
SetRectRgn
CombineRgn
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
GetPixel
CreateRectRgn
SelectClipRgn
ExtEscape
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
SetBkColor
SetTextColor
GetDeviceCaps
GetClipBox
GetDCOrgEx
SelectObject
CreateDIBitmap
BitBlt
PatBlt
Rectangle
GetTextColor
CreateBitmap
GetObjectA
CreateFontA
CreateFontIndirectA
DeleteObject
StretchBlt
DeleteDC
TextOutA
CreateCompatibleDC
CreateCompatibleBitmap
CreateDCA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueExA
RegSetValueExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA
DragQueryFileA
DragFinish

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
SysAllocStringLen
VariantChangeType
VariantClear

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e615a647c819a6eea35423a73182742

Headers

File Characteristics

Imports

psapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

oleacc

Sections

.text Size: 276KB - Virtual size: 275KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 12KB - Virtual size: 47KB

.rsrc Size: 200KB - Virtual size: 199KB

.text
Size: 276KB - Virtual size: 275KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 12KB - Virtual size: 47KB

.rsrc
Size: 200KB - Virtual size: 199KB