Static task: static1
Behavioral task: behavioral1
Sample: NEAS.b6153f82b119f69037f35f4643addf30.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: NEAS.b6153f82b119f69037f35f4643addf30.exe
Resource: win10v2004-20231025-en
General
Target: NEAS.b6153f82b119f69037f35f4643addf30.exe
Size: 6.2MB
MD5: b6153f82b119f69037f35f4643addf30
SHA1: 59030f3a538574274b3c4a2661d515ea5d26f06c
SHA256: d2c557e4a1db7dd7264a49b0e8b29fbc481123ce9fe0872a07cb9ed49fb90219
SHA512: 67e1eabc04d8aad3b00c51aae07d745e5ede059c3ffacaa478e0e99999077cf078c360dcd4e97aa6f52db5ec93c33957cc96d0f56713aa857adceea84b1b2d41
SSDEEP: 98304:Ld4nVhNSv4hzSVfIwfcGjKmk84RVQT9gDvTaEcrjmj7:546eOFfcIKmkETfje
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: NEAS.b6153f82b119f69037f35f4643addf30.exe
Files
NEAS.b6153f82b119f69037f35f4643addf30.exe.exe windows:4 windows x86
5754d8c44c09233251ca6c7ddd32871a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
mpr
WNetCloseEnum
comctl32
InitCommonControlsEx
kernel32
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
GetStartupInfoA
CompareStringW
ConvertDefaultLocale
CopyFileA
CreateEventA
CreateFileA
CreateFileW
CreateThread
DeleteCriticalSection
DeleteFileA
DuplicateHandle
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindResourceA
FindResourceExW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeResource
GetACP
GetConsoleCP
GetCPInfo
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetEnvironmentStringsW
GetFileAttributesA
GetFileAttributesExA
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNumberFormatA
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProfileIntA
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetTempFileNameA
GetTempPathA
GetTimeZoneInformation
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
QueryPerformanceCounter
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LoadLibraryExA
LoadLibraryW
LocalAlloc
LocalFree
LocalReAlloc
LockFile
lstrcmpA
lstrcmpiA
lstrcmpW
lstrcpyA
lstrlenA
lstrlenW
MapViewOfFile
MulDiv
MultiByteToWideChar
OpenFileMappingA
RaiseException
ReadFile
ResumeThread
SearchPathA
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringA
LockResource
LoadResource
FindResourceW
GetConsoleMode
GetCommandLineW
GetProcAddress
LoadLibraryA
FreeLibrary
GlobalLock
user32
DrawStateA
DrawTextA
DrawTextExA
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDialog
EqualRect
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoA
GetClassInfoExA
GetClassLongA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
DestroyCursor
GetDoubleClickTime
GetFocus
GetIconInfo
GetKeyboardLayout
UnpackDDElParam
ReuseDDElParam
GetKeyboardState
GetKeyNameTextA
GetKeyState
GetLastActivePopup
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessageA
GetMessagePos
GetMessageTime
GetNextDlgGroupItem
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextA
GetWindowTextLengthA
GrayStringA
HideCaret
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
InvalidateRgn
InvertRect
IsCharLowerA
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadAcceleratorsW
LoadBitmapW
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
LoadImageA
LoadImageW
LoadMenuA
LoadMenuW
LockWindowUpdate
DrawMenuBar
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemBitmaps
SetParent
SetPropA
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoA
TabbedTextOutA
ToAsciiEx
TrackPopupMenu
TranslateAcceleratorA
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WaitMessage
WinHelpA
VkKeyScanA
GetWindowThreadProcessId
GetForegroundWindow
BringWindowToTop
CallNextHookEx
DestroyAcceleratorTable
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateDialogIndirectParamA
CreateAcceleratorTableA
CopyRect
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
CallWindowProcA
CharNextA
CharUpperA
CharUpperBuffA
CheckDlgButton
CheckMenuItem
ClientToScreen
CloseClipboard
CopyAcceleratorTableA
CopyIcon
CopyImage
DispatchMessageA
DestroyWindow
DestroyMenu
MapDialogRect
DestroyIcon
GetDlgItem
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyA
RegEnumKeyExA
shell32
DragQueryFileA
ShellExecuteA
CommandLineToArgvW
ole32
OleIsCurrentClipboard
OleLockRunning
OleTranslateAccelerator
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleCreateMenuDescriptor
IsAccelerator
OleInitialize
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoLockObjectExternal
CoGetClassObject
CoFreeUnusedLibraries
CoCreateInstance
CoCreateGuid
CLSIDFromString
OleGetClipboard
OleFlushClipboard
OleDuplicateData
DoDragDrop
OleDestroyMenuDescriptor
shlwapi
PathStripToRootA
PathRemoveFileSpecW
PathFindFileNameA
PathIsUNCA
msvcrt
exit
_XcptFilter
_exit
_except_handler3
__setusermatherr
_acmdln
__p__commode
__p__fmode
__set_app_type
_controlfp
__getmainargs
_adjust_fdiv
_initterm
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bdrl Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE