Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.27488bdb46dcffd7a9a7765688e604c0.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: NEAS.27488bdb46dcffd7a9a7765688e604c0.exe
  Resource: win10v2004-20231023-en
General
Target: NEAS.27488bdb46dcffd7a9a7765688e604c0.exe
Size: 1.8MB
MD5: 27488bdb46dcffd7a9a7765688e604c0
SHA1: ec527f7e1c1873c4af3b3eee2936319c5fa69de1
SHA256: beee6ae6d346abc884d52bc3f87ca2f6f20f1febbeee6bf17adfdd611cf5c741
SHA512: 61473567aaccb19c2fb58e23fd81829315ac7759cf0b101f8ca65bf351b9f14d55f29753980dd33855ff157b57c0228b17f727becf562938b5af7f1ec1ebed5b
SSDEEP: 49152:jrakT1WacSLDKlBz1EyhzkkOwWkODI03HwYA:jrakZWBSnKneyhzkkO3kgIP1
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: NEAS.27488bdb46dcffd7a9a7765688e604c0.exe
Files
NEAS.27488bdb46dcffd7a9a7765688e604c0.exe.exe windows:4 windows x86
09032e2f3e461fd76656091d052de55a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
PlaySoundA
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
comctl32
ImageList_GetIconSize
InitCommonControlsEx
kernel32
LockFile
LockResource
lstrcmpA
lstrcmpiA
lstrcmpW
lstrcpyA
lstrlenA
lstrlenW
MapViewOfFile
MulDiv
MultiByteToWideChar
OpenFileMappingA
RaiseException
ReadFile
ResumeThread
SearchPathA
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
LoadLibraryExA
SizeofResource
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringA
LCMapStringW
IsValidCodePage
IsProcessorFeaturePresent
InterlockedIncrement
InterlockedExchange
RtlUnwind
GetVersion
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentVariableA
HeapDestroy
VirtualFree
InterlockedDecrement
HeapSize
HeapReAlloc
HeapFree
HeapCreate
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalGetAtomNameA
GlobalFree
GlobalFlags
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetWindowsDirectoryA
GetVolumeInformationA
LocalReAlloc
LCMapStringA
GetStringTypeA
GetVersionExA
GetTimeZoneInformation
GetThreadLocale
GetTempPathA
GetTempFileNameA
GetSystemInfo
GetSystemDirectoryW
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetProfileIntA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetNumberFormatA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetFullPathNameA
GetFileType
GetFileTime
GetFileAttributesExA
GetFileAttributesA
GetEnvironmentStringsW
GetCurrentThread
GetCurrentProcess
GetCurrentDirectoryA
GetCPInfo
GetConsoleCP
GetACP
FreeResource
FreeEnvironmentStringsW
FormatMessageA
FlushFileBuffers
FindResourceW
FindResourceExW
FindResourceA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitThread
ExitProcess
DuplicateHandle
DeleteFileA
DeleteCriticalSection
CreateThread
CreateFileW
CreateFileA
CopyFileA
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
GetCommandLineW
LocalAlloc
GetConsoleMode
CreateEventA
GetStartupInfoA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryA
GetProcAddress
LocalFree
LoadResource
LoadLibraryW
SetUnhandledExceptionFilter
user32
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
LoadImageA
LoadImageW
LoadMenuA
LoadMenuW
LockWindowUpdate
MapDialogRect
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemBitmaps
SetParent
SetPropA
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoA
TabbedTextOutA
ToAsciiEx
TrackPopupMenu
TranslateAcceleratorA
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WaitMessage
WinHelpA
LoadBitmapW
LoadAcceleratorsW
LoadAcceleratorsA
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsMenu
IsIconic
IsDialogMessageA
IsClipboardFormatAvailable
IsChild
IsCharLowerA
InvertRect
InvalidateRgn
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
HideCaret
GrayStringA
GetWindowThreadProcessId
GetWindowTextLengthA
GetWindowTextA
GetWindowRgn
GetWindowPlacement
GetWindowLongA
GetWindowDC
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageTime
GetMessagePos
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetMenuCheckMarkDimensions
GetLastActivePopup
GetKeyNameTextA
GetKeyboardState
GetKeyboardLayout
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDlgCtrlID
ReuseDDElParam
UnpackDDElParam
GetCursorPos
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoExA
GetClassInfoA
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FillRect
EqualRect
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExA
DrawTextA
DrawStateA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyAcceleratorTable
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateDialogIndirectParamA
CreateAcceleratorTableA
CopyRect
CopyImage
CopyIcon
CopyAcceleratorTableA
CloseClipboard
ClientToScreen
CheckMenuItem
CheckDlgButton
CharUpperBuffA
CharUpperA
CharNextA
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AppendMenuA
AdjustWindowRectEx
GetKeyState
GetDC
GetDesktopWindow
GetWindowRect
ReleaseDC
GetPropA
gdi32
ExcludeClipRect
ExtFloodFill
ExtSelectClipRgn
ExtTextOutA
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetClipBox
GetDeviceCaps
GetMapMode
GetNearestPaletteIndex
GetObjectA
CreateDIBitmap
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
Ellipse
LPtoDP
MoveToEx
OffsetRgn
Escape
OffsetWindowOrgEx
PatBlt
Polyline
PtInRegion
PtVisible
RealizePalette
Rectangle
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectPalette
SetBkColor
SetBkMode
SetDIBColorTable
SetMapMode
SetPaletteEntries
SetPixelV
SetPolyFillMode
SetRectRgn
SetROP2
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt
DPtoLP
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreatePolygonRgn
EnumFontFamiliesExA
OffsetViewportOrgEx
EnumFontFamiliesA
CreatePen
CreatePatternBrush
CreatePalette
CreateHatchBrush
CreateFontIndirectA
LineTo
DeleteDC
CreateDCA
CreateCompatibleBitmap
CreateBitmap
CopyMetaFileA
CombineRgn
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
DeleteObject
CreateEllipticRgn
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
comdlg32
GetFileTitleA
advapi32
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
shell32
DragFinish
DragQueryFileA
ShellExecuteA
CommandLineToArgvW
ole32
OleIsCurrentClipboard
OleLockRunning
OleTranslateAccelerator
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
OleInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoLockObjectExternal
CoGetClassObject
CoFreeUnusedLibraries
CoCreateInstance
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
OleGetClipboard
OleDuplicateData
OleDestroyMenuDescriptor
IsAccelerator
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
DoDragDrop
shlwapi
PathStripToRootA
PathRemoveFileSpecW
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
Sections
.text Size: 820KB - Virtual size: 818KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 196KB - Virtual size: 195KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
mac1031 Size: 799KB - Virtual size: 799KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE