NEAS[.]d470ce295e8e8f4cc9f68bb7b2c64ed0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.d470ce295e8e8f4cc9f68bb7b2c64ed0.exe
Size

6.1MB
MD5

d470ce295e8e8f4cc9f68bb7b2c64ed0
SHA1

c6b2f86805f2b9318a68606eda066e41baa83d77
SHA256

033cbdbce96ce707c5b45e350d21ad135114e6c35a54fa65b2654bdd550d11ef
SHA512

b6a1da4519322f6bb2c034d5079f80919447f98e1a160f37eb8665789a3a215130280aff92a267c1eac9132aca42b7da70af83db660d4f1db2f114a725541cb5
SSDEEP

98304:nEyjNANtPJP0E+lYOTLToRVQT9nDvTuO/BkXbdSAp:nEIuqrlBjlToFp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d470ce295e8e8f4cc9f68bb7b2c64ed0.exe

Files

NEAS.d470ce295e8e8f4cc9f68bb7b2c64ed0.exe
.exe windows:4 windows x86

8e7da72a1649865b9092b0fef183e05e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

mpr

WNetCloseEnum

comctl32

InitCommonControlsEx

kernel32

FreeLibrary
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
GetStartupInfoA
CompareStringA
CompareStringW
ConvertDefaultLocale
CopyFileA
CreateEventA
CreateFileA
CreateFileW
CreateThread
DeleteCriticalSection
DeleteFileA
DuplicateHandle
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindResourceA
FindResourceExW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeResource
GetACP
GetConsoleCP
GetCPInfo
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetEnvironmentStringsW
GetFileAttributesA
GetFileAttributesExA
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNumberFormatA
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProfileIntA
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetTempFileNameA
GetTempPathA
GetTimeZoneInformation
LockResource
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalReAlloc
GetProcAddress
GlobalUnlock
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LoadLibraryExA
LoadLibraryW
LocalAlloc
LocalFree
LocalReAlloc
LockFile
lstrcmpA
lstrcmpiA
lstrcmpW
lstrcpyA
lstrlenA
lstrlenW
MapViewOfFile
MulDiv
MultiByteToWideChar
OpenFileMappingA
RaiseException
ReadFile
ResumeThread
SearchPathA
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringA
GetCommandLineW
GetConsoleMode
FindResourceW
GlobalAlloc
LoadResource
GetVersionExA
GlobalSize

user32

DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawStateA
DrawTextA
DrawTextExA
DrawEdge
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EqualRect
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoA
GetClassInfoExA
GetClassLongA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
UnpackDDElParam
ReuseDDElParam
GetDoubleClickTime
GetFocus
GetIconInfo
GetKeyboardLayout
GetKeyboardState
GetKeyNameTextA
GetKeyState
GetLastActivePopup
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessageA
GetMessagePos
GetMessageTime
GetNextDlgGroupItem
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextA
GetWindowTextLengthA
GrayStringA
HideCaret
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
InvalidateRgn
InvertRect
IsCharLowerA
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadAcceleratorsW
LoadBitmapW
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
LoadImageA
LoadImageW
LoadMenuA
LoadMenuW
LockWindowUpdate
MapDialogRect
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemBitmaps
SetParent
SetPropA
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoA
TabbedTextOutA
ToAsciiEx
TrackPopupMenu
TranslateAcceleratorA
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WaitMessage
WinHelpA
VkKeyScanA
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyAcceleratorTable
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateDialogIndirectParamA
CreateAcceleratorTableA
CopyRect
CopyImage
CopyIcon
CopyAcceleratorTableA
CloseClipboard
ClientToScreen
CheckMenuItem
CheckDlgButton
CharUpperBuffA
CharUpperA
CharNextA
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
GetForegroundWindow
GetWindowThreadProcessId
EmptyClipboard

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegEnumValueA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegEnumKeyA
RegEnumKeyExA
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA

shell32

DragQueryFileA
ShellExecuteA
CommandLineToArgvW

ole32

OleIsCurrentClipboard
OleLockRunning
OleTranslateAccelerator
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
IsAccelerator
DoDragDrop
OleInitialize
CreateILockBytesOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoLockObjectExternal
CoGetClassObject
CoFreeUnusedLibraries
CoCreateInstance
CoCreateGuid
CLSIDFromString
OleGetClipboard
OleFlushClipboard
OleDestroyMenuDescriptor
OleDuplicateData
CreateStreamOnHGlobal
OleCreateMenuDescriptor

shlwapi

PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindFileNameA

msvcrt

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_acmdln
_except_handler3
__p__fmode
__set_app_type
exit
_exit
_XcptFilter
_controlfp

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adrl
Size: 999KB - Virtual size: 1000KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8e7da72a1649865b9092b0fef183e05e

Headers

File Characteristics

Imports

winmm

imm32

mpr

comctl32

kernel32

user32

winspool.drv

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 4.0MB

.tls Size: 8KB - Virtual size: 4KB

.rsrc Size: 2.8MB - Virtual size: 2.8MB

.adrl Size: 999KB - Virtual size: 1000KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 4.0MB

.tls
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

.adrl
Size: 999KB - Virtual size: 1000KB