NEAS[.]0a62068aaf6e5dd12e49a61cdca67150[.]exe

General

Target

NEAS.0a62068aaf6e5dd12e49a61cdca67150.exe
Size

44KB
MD5

0a62068aaf6e5dd12e49a61cdca67150
SHA1

bae868c9f5f9610a52ae55bce6621a4ecf074e93
SHA256

e17bd6e20e21a78105641dcd8f4f48f2485105994cabf93cd10105158fed18c0
SHA512

08c3947f8c2633bec4d2ea0076446b805fda1240c49e24137adf657daeb91a447c9f77474cef993ab859b28aefd51b99a51bc2f9bed13f571cb6176d85b7e22b
SSDEEP

768:ctETdd7dWBWJKUz3TK9jmd0+uLRZ/8opt:UETdd5HHqjS0blCo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0a62068aaf6e5dd12e49a61cdca67150.exe

Files

NEAS.0a62068aaf6e5dd12e49a61cdca67150.exe
.dll windows:4 windows x86

f3254b0bcf2afa7eac17cf8ac5c265f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
WriteFile
InitializeCriticalSection
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
WinExec
VirtualFree
HeapFree
LCMapStringA
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

FindExecutableA

Exports

Exports

_Java_InetNative_autoDial@8
_Java_InetNative_loadIE@12

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3254b0bcf2afa7eac17cf8ac5c265f0

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 3KB