NEAS[.]6cc0a545baef7eb6ebf79b00ff330680[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6cc0a545baef7eb6ebf79b00ff330680.exe
Size

522KB
MD5

6cc0a545baef7eb6ebf79b00ff330680
SHA1

2edd84d9b8ef97cd14981b4f077e0245fd6cbf1f
SHA256

4c656d1c199dd040efd111334f0517311df77e0c8521167b8e772e2a270fc7c9
SHA512

a5f2a6d421acdaf8aebfcaaed26e821294338a4b10aa7764cbc71db975a30b731b497b3dd68ad9e768caa3c1440a96454618b587ecd0359a425c551c01c8cc97
SSDEEP

12288:S/rOzj+thtbtnPHr9cSUmpFxgaWvJ3WN39rIOFt1xnzxRjgTJXxyRiHCpP7:S/aMNRmaYmRlNR2XxyUHCJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6cc0a545baef7eb6ebf79b00ff330680.exe

Files

NEAS.6cc0a545baef7eb6ebf79b00ff330680.exe
.exe windows:5 windows x86

898aa8970de865e9538508ae473c4ad2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetLongPathNameW
GetModuleFileNameW
GetFullPathNameW
GetFileAttributesW
GetFileAttributesA
CloseHandle
CreateFileW
AllocConsole
GetCommandLineW
GetLastError
CreateMutexW
MultiByteToWideChar
Sleep
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesExW
SetHandleInformation
InitializeCriticalSection
CreateEventW
WaitForSingleObject
ReleaseMutex
GetCurrentThreadId
GetProcAddress
LoadLibraryW
SetEvent
DeleteFileW
FindFirstFileW
SetLastError
FindClose
FindNextFileW
TerminateProcess
CreateProcessW
GetFullPathNameA
DuplicateHandle
GetCurrentProcess
CreateDirectoryW
WaitForMultipleObjects
SetThreadPriority
GetTimeFormatA
PulseEvent
CreateDirectoryA
GetWindowsDirectoryW
GetTempPathW
GetProcessId
GetModuleHandleW
GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CreateFileA
WriteConsoleW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetExitCodeProcess
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
HeapSize
HeapCreate
FlushFileBuffers
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
GetLocaleInfoW
WriteFile
GetStdHandle
SetHandleCount
GetCurrentThread
GetTickCount
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LCMapStringW
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
CreateProcessA
CreatePipe
RemoveDirectoryA
HeapReAlloc
GetDateFormatA
SetFilePointer
DeleteFileA
MoveFileA
GetSystemTimeAsFileTime
ReadFile
CreateThread
ResumeThread
ExitThread
GetFileType
InitializeCriticalSectionAndSpinCount
SetStdHandle
ExitProcess
HeapAlloc
HeapFree
RaiseException
RtlUnwind
DecodePointer
EncodePointer
DeleteCriticalSection
InterlockedExchange

user32

SetWindowTextW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetClientRect
LoadIconW
SendMessageW
LoadImageW
GetSystemMetrics
ShowWindow
SetWindowPos
GetMonitorInfoW
MonitorFromWindow
SetWindowLongW
GetWindowRect
IsZoomed
ReleaseDC
GetDC
MessageBoxW
DefWindowProcW
PostQuitMessage
SetForegroundWindow
IsIconic
FindWindowW
UpdateWindow
CreateWindowExW
RegisterClassExW
GetSysColorBrush
MoveWindow
GetDesktopWindow
GetWindow
GetWindowLongW
GetParent

gdi32

GetDeviceCaps

shell32

ShellExecuteW
CommandLineToArgvW

libcef

cef_string_utf16_clear
cef_string_utf8_to_utf16
cef_string_utf16_cmp
cef_string_utf16_to_utf8
cef_string_utf8_clear
cef_string_utf16_set
cef_string_userfree_utf16_free
cef_v8value_create_bool
cef_v8value_create_string
cef_v8value_create_object
cef_v8value_create_function
cef_string_list_free
cef_string_list_alloc
cef_process_message_create
cef_browser_host_create_browser
cef_shutdown
cef_run_message_loop
cef_quit_message_loop
cef_execute_process
cef_api_hash
cef_initialize
cef_post_delayed_task
cef_string_list_append
cef_string_map_append
cef_string_multimap_append
cef_string_list_value
cef_string_list_size
cef_string_map_value
cef_string_map_key
cef_string_map_size
cef_string_multimap_value
cef_string_multimap_key
cef_string_multimap_size
cef_string_list_copy
cef_string_map_free
cef_string_map_alloc
cef_string_multimap_free
cef_string_multimap_alloc

ws2_32

accept
recv
send
inet_ntoa
closesocket
shutdown
setsockopt
ioctlsocket
getsockname
connect
htons
socket
gethostbyname
WSACleanup
ntohs
WSAStartup
listen
bind
htonl
ntohl
__WSAFDIsSet
select

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

898aa8970de865e9538508ae473c4ad2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

libcef

ws2_32

version

Sections

.text Size: 399KB - Virtual size: 399KB

.rdata Size: 69KB - Virtual size: 68KB

.data Size: 19KB - Virtual size: 29KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 27KB - Virtual size: 26KB

.text
Size: 399KB - Virtual size: 399KB

.rdata
Size: 69KB - Virtual size: 68KB

.data
Size: 19KB - Virtual size: 29KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 27KB - Virtual size: 26KB