NEAS[.]8b947d9b9a629dd9a9e98d9a7f7eb100[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.8b947d9b9a629dd9a9e98d9a7f7eb100.exe
Size

6.1MB
MD5

8b947d9b9a629dd9a9e98d9a7f7eb100
SHA1

60cab13b7e74d06cdd8fa59ffdfeee06e3a5317c
SHA256

e6889430d28ac4eae46c811b90efe1ece8e9d5164a087c2744a4c54f5963f172
SHA512

4de35a986f66c0026c9e710d931fabf6bdf41dd653aa3b15d86e195291fa532095e98207d51c86e2dc2b227b09647beb1187a311423f198235b2f87d526054a3
SSDEEP

98304:crR+H32xOCNgnYdcanCMQ02tPSS6PDsefkSyNZyuYfwcY7N26GrxSSczErC:gRE32TNgY3vQ07S0D7s1yuOYKIYW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8b947d9b9a629dd9a9e98d9a7f7eb100.exe

Files

NEAS.8b947d9b9a629dd9a9e98d9a7f7eb100.exe
.dll windows:6 windows x86

6054edcae52ebb10de150f97a277ce0e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
VerSetConditionMask
GetOverlappedResult
CreateEventW
GetOEMCP
TlsAlloc
FileTimeToLocalFileTime
CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
SetFilePointerEx
lstrcpyW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
GetACP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
GetProcessHeap
GetSystemInfo
GetLocalTime
FindClose
IsValidCodePage
VirtualAlloc
CompareStringW
MulDiv
ReadProcessMemory
GetCommandLineA
GetCurrentThread
WaitForSingleObjectEx
CompareFileTime
LoadLibraryExW
SetFilePointer
GetFullPathNameW
EnumResourceNamesW
GetTimeZoneInformation
QueryDosDeviceW
IsValidLocale
WaitNamedPipeA
RtlCaptureContext
ReadFile
IsDebuggerPresent
HeapSize
GetModuleHandleExW
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
HeapReAlloc
GetCurrentThreadId
RaiseException
RtlUnwind
GetCPInfo
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess

user32

GetWindowTextLengthA
GetCapture
GetWindowTextA
DrawMenuBar
DrawFrameControl
SetMenuItemInfoW
AppendMenuA
GetWindowRect
SendDlgItemMessageA
IsIconic
PostMessageW
GetKeyState
LoadIconA
ModifyMenuW
GetClassNameW
IsDlgButtonChecked
GetSystemMetrics
SetScrollInfo
EndPaint
MsgWaitForMultipleObjects
RemovePropA
MessageBoxA
InsertMenuA
SetKeyboardState

gdi32

MoveToEx
CreatePalette
RectVisible
GetSystemPaletteEntries
GetBitmapBits
SetLayout
GetTextExtentPoint32A
SetViewportOrgEx
ExtTextOutA
GetTextExtentPoint32W
StretchBlt
GetTextExtentPointA
SetViewportExtEx
GetPixel
CreatePolygonRgn

comdlg32

GetSaveFileNameW

advapi32

RegUnLoadKeyW
RegConnectRegistryW
OpenProcessToken

oleaut32

VariantChangeType
SafeArrayGetLBound
SysReAllocStringLen

Sections

.text
Size: 458KB - Virtual size: 458KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.6MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6054edcae52ebb10de150f97a277ce0e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

oleaut32

Sections

.text Size: 458KB - Virtual size: 458KB

.data Size: 5.6MB - Virtual size: 5.7MB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 458KB - Virtual size: 458KB

.data
Size: 5.6MB - Virtual size: 5.7MB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 12KB - Virtual size: 11KB