NEAS[.]01a5c8c10122b2eae8ebe7ffb21e2d20[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.01a5c8c10122b2eae8ebe7ffb21e2d20.exe
Size

6.1MB
MD5

01a5c8c10122b2eae8ebe7ffb21e2d20
SHA1

4aa04d0b9c0c21118d56f2a3145e15c93b2aa641
SHA256

6c777835cfb2fd51e535245ae7412f3c41f3e7537aed1303e7495d6cbc917260
SHA512

55546b6cc84018175f9e3dae05127e609d360ae1cb3a9b9db289d3b66bfaf1cf6d6c6043652929971d283e79fe7ac0443d6648392be12f5fef5c1e98aa6919d8
SSDEEP

196608:yIW5VSO/6e3nBVediRlnmJaPXKyJQul/nD6n:kJ3SinPXuul6n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.01a5c8c10122b2eae8ebe7ffb21e2d20.exe

Files

NEAS.01a5c8c10122b2eae8ebe7ffb21e2d20.exe
.dll windows:6 windows x86

8a98dd217bb9a2c1be55927917bad344

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
FlushFileBuffers
CloseHandle
WriteFile
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
HeapSize
GetModuleHandleExW
ExitProcess
RemoveDirectoryW
GetStartupInfoW
GetThreadTimes
IsDebuggerPresent
GetModuleHandleA
GetExitCodeThread
FindClose
VerifyVersionInfoW
MulDiv
GetFileAttributesW
GetExitCodeProcess
Sleep
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetUserDefaultLangID
VirtualFree
InitializeSListHead
GetCurrentProcess
LoadResource
FreeLibrary
GetTickCount
ExpandEnvironmentStringsW
DeviceIoControl
GetModuleFileNameW
GetVersionExW
GetLocaleInfoW
GetVersion
IsDBCSLeadByteEx
MultiByteToWideChar
CreateProcessA
LeaveCriticalSection
ReadProcessMemory
GetACP
GetProcessHeap
EnumSystemLocalesW
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
DeleteCriticalSection
GetStringTypeW
GetLastError
HeapFree
HeapReAlloc
GetCommandLineA
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetProcAddress
LCMapStringW
IsValidLocale
GetUserDefaultLCID

user32

GetDlgItemTextW
IsIconic
AttachThreadInput
DestroyAcceleratorTable
IsZoomed
RemovePropA
GetMenuItemInfoW
WaitMessage
DrawFocusRect
GetKeyboardLayout
CheckMenuRadioItem
LoadMenuW
SetScrollPos
MonitorFromWindow
CreatePopupMenu
GetSysColorBrush
FlashWindow
RegisterClassW
GetSystemMetrics
GetCaretBlinkTime
ShowCaret
EndMenu
DestroyIcon
SetFocus
MessageBoxA
GetDlgItem
GetMenuItemCount
BeginDeferWindowPos
InsertMenuA

gdi32

Ellipse
SetWindowOrgEx
SetViewportOrgEx
LineTo
MaskBlt
GetRgnBox
CombineRgn
SetMapMode
GetObjectType
StretchDIBits
GetTextExtentPointW
SelectPalette
GetCharABCWidthsW
GetSystemPaletteEntries
CreatePen
SetROP2
SetWinMetaFileBits
GetTextExtentExPointA
GetTextExtentPoint32A
GetDeviceCaps
StretchBlt
SelectObject
Rectangle
CreatePatternBrush
TextOutA
ExcludeClipRect

comdlg32

FindTextW

advapi32

StartServiceW
OpenSCManagerW
ChangeServiceConfigW

ole32

CoInitialize

Sections

.text
Size: 421KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a98dd217bb9a2c1be55927917bad344

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

Sections

.text Size: 421KB - Virtual size: 420KB

.data Size: 5.6MB - Virtual size: 5.6MB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 421KB - Virtual size: 420KB

.data
Size: 5.6MB - Virtual size: 5.6MB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 11KB - Virtual size: 10KB