NEAS[.]44d69f6d805f517b0b8349408367b940[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.44d69f6d805f517b0b8349408367b940.exe
Size

436KB
MD5

44d69f6d805f517b0b8349408367b940
SHA1

69ca40691f2d526df4506d1851b04eb030509cd9
SHA256

c1730c68963bd2efcc8c0e7b3d3cd15f2770f657317af0918dfec7b3261db67c
SHA512

4c99fd64731ba11cc12eb1ba0d502621b8035c9f54d3c39a4efb3f1f8a3d072ed58cb22cbce7973640107037f85ffa72936e290fc3af54c7b4593bca19b08650
SSDEEP

3072:XpBbrCFpz6s9qGX76R0nqxyyIzNq7SpfytxLc70Qf5d3FXQ3yAIdB7lw8YpWuH2t:XbCF96Y6R0qx0Q7csxLchxdv+7adD

Score

1^/10

Malware Config

Signatures

Files

NEAS.44d69f6d805f517b0b8349408367b940.exe
.dll windows:6 windows x86

a08d9510db377cca89d7499a87ded4c2

Code Sign

5c:fa:be:9c:d3:6b:6c:6d:b6:4a:8d:f9:af:f1:e6:80
Certificate

Issuer

CN=ClientPCSpeedupCorp,1.2.840.113549.1.9.1=#0c1e73747265616d40636c69656e74706373706565647570636f72702e6e6574

Not Before

08/01/2022, 00:00

Not After

08/01/2023, 23:59

Subject

CN=ClientPCSpeedupCorp,1.2.840.113549.1.9.1=#0c1e73747265616d40636c69656e74706373706565647570636f72702e6e6574

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetModuleHandleA
HeapReAlloc
GetCommModemStatus
HeapAlloc
SystemTimeToFileTime
OpenJobObjectA
SetEnvironmentVariableW
HeapFree
SetEvent
ReleaseSRWLockExclusive
GetCommProperties
GetProcessHeap
GetUILanguageInfo
WideCharToMultiByte
HeapDestroy
InitializeCriticalSectionEx
GetDynamicTimeZoneInformation
RaiseException
GetProcAddress
HeapSize
CreateConsoleScreenBuffer
DefineDosDeviceW
OpenWaitableTimerA
AddAtomW
DecodePointer
CreateEventExW
UnregisterApplicationRecoveryCallback
EnumResourceNamesA
DeleteCriticalSection
DeleteFileW
CreateWaitableTimerA
GetCurrentProcess
EnterCriticalSection
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
EnumSystemLocalesW
GetUserDefaultLCID
GetLastError
FreeLibrary
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
RtlUnwind
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
LeaveCriticalSection
EncodePointer
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
AreFileApisANSI
MultiByteToWideChar
SetConsoleCtrlHandler
OutputDebugStringW
LoadLibraryExW
WriteFile
FatalAppExitA
FlushFileBuffers
GetConsoleCP
GetConsoleMode
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThread
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
GetModuleHandleW
CreateSemaphoreW
SetStdHandle
SetFilePointerEx
CreateFileW

user32

UnregisterClassA

gdi32

GetCurrentObject

ole32

CreateBindCtx
OleConvertIStorageToOLESTREAMEx
StgCreateDocfileOnILockBytes
OleNoteObjectVisible
CoGetCurrentLogicalThreadId

version

VerQueryValueW

Exports

Exports

dv9omu
klwizg
qvdyd4
rwtho0
twn18i

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a08d9510db377cca89d7499a87ded4c2

Code Sign

5c:fa:be:9c:d3:6b:6c:6d:b6:4a:8d:f9:af:f1:e6:80Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

version

Exports

Exports

Sections

.text Size: 220KB - Virtual size: 220KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 151KB - Virtual size: 159KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 11KB

5c:fa:be:9c:d3:6b:6c:6d:b6:4a:8d:f9:af:f1:e6:80
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

.text
Size: 220KB - Virtual size: 220KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 151KB - Virtual size: 159KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 11KB