Static task: static1
Behavioral task: behavioral1 (Sample: NEAS.1b3aaccc80ba13add7408ca1d8bb4fa0.exe, Resource: win7-20231020-en)
Behavioral task: behavioral2 (Sample: NEAS.1b3aaccc80ba13add7408ca1d8bb4fa0.exe, Resource: win10v2004-20231020-en)
General
Target: NEAS.1b3aaccc80ba13add7408ca1d8bb4fa0.exe
Size: 2.3MB
MD5: 1b3aaccc80ba13add7408ca1d8bb4fa0
SHA1: 0cf60acd483797dc475e8361cda32823328da09f
SHA256: da998f23d90e756b122e9e3a238d15f17f9eec8e049a4f7381879f32f724da8c
SHA512: 4df235b04754e78f72f6c3f5ce6041dd68daba77d147b0323d641afbb41b537243c1e67a0bdac6b6937f246a40af4389afd6a0f90ab33d800533000e3dc9e7f5
SSDEEP: 24576:z7TALrC2mZ7lgPeedWpG8OtElKtFq+f5laj+eq3rcEj62Yip+GQOO4g+oPOnaHFi:z7+gfzWZxj62RQsoPOniswTJOP
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: NEAS.1b3aaccc80ba13add7408ca1d8bb4fa0.exe
Files
NEAS.1b3aaccc80ba13add7408ca1d8bb4fa0.exe.exe windows:5 windows x86
1e6f022adf7e5ed662c5c24afbd3944b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_DragLeave
ImageList_DragEnter
ImageList_DragMove
ImageList_EndDrag
ImageList_Destroy
ord16
CreateStatusWindowW
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIconSize
ord17
kernel32
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapCreate
VirtualAlloc
GetTickCount
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetModuleFileNameA
IsDebuggerPresent
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MoveFileW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
SetStdHandle
WriteConsoleW
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
GetModuleHandleA
GetOEMCP
LCMapStringW
LCMapStringA
GetTimeFormatA
GetDateFormatA
GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoA
EnumSystemLocalesA
GetStringTypeA
GetStringTypeW
CompareStringW
SetEnvironmentVariableA
FindFirstFileA
FindNextFileA
SetFilePointer
SetEndOfFile
CreateFileA
RaiseException
WriteFile
ReadFile
ExpandEnvironmentStringsW
FindNextFileW
OutputDebugStringW
GetStdHandle
GetThreadLocale
WideCharToMultiByte
GetTempFileNameW
FindFirstFileW
FindClose
GetFileSize
MultiByteToWideChar
TlsAlloc
TlsSetValue
TlsFree
TlsGetValue
InterlockedDecrement
InterlockedIncrement
GetTempPathW
ExitProcess
CompareStringA
TerminateProcess
SetEnvironmentVariableW
IsValidCodePage
GetCPInfo
Sleep
GetCurrentProcessId
GetEnvironmentVariableW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
GetACP
FormatMessageW
GetCurrentProcess
GetModuleFileNameW
GetModuleHandleW
CreateFileW
CloseHandle
GetWindowsDirectoryW
SetCurrentDirectoryW
CopyFileW
GetFileAttributesW
GetFileType
GetProcessHeap
HeapSize
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
InitializeCriticalSection
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLastError
FreeLibrary
LoadLibraryW
LocalAlloc
LocalFree
GetCommandLineW
SetErrorMode
GetVersionExW
GetCurrentThreadId
SetLastError
GetSystemPowerStatus
GetSystemDirectoryW
VirtualFree
user32
DdeFreeStringHandle
PostThreadMessageW
MessageBeep
EnumDisplaySettingsW
ChangeDisplaySettingsW
ShowCursor
SetClipboardData
RegisterClipboardFormatW
DrawStateW
DrawEdge
GetMenuStringW
DefMDIChildProcW
TranslateMDISysAccel
DefFrameProcW
UnionRect
HideCaret
keybd_event
GetWindowTextLengthW
GetWindowTextW
GetClassNameW
ValidateRect
GetMessageW
DrawIconEx
GetWindowDC
SetTimer
KillTimer
GetMessagePos
MapWindowPoints
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
ChildWindowFromPoint
OffsetRect
CopyRect
DrawFocusRect
DrawTextW
DestroyCursor
GetForegroundWindow
CreateDialogIndirectParamW
FlashWindow
DdeQueryStringW
AdjustWindowRectEx
GetSystemMenu
GetDesktopWindow
IsIconic
IsZoomed
DdeConnect
GetDlgItem
CreateDialogParamW
TranslateAcceleratorW
CreateAcceleratorTableW
DestroyAcceleratorTable
CheckMenuRadioItem
CheckMenuItem
InsertMenuItemW
EnableMenuItem
GetSubMenu
CreateMenu
AppendMenuW
DrawMenuBar
GetMenuState
InsertMenuW
RemoveMenu
ModifyMenuW
DestroyMenu
CreatePopupMenu
SetMenuItemInfoW
LoadImageW
DestroyIcon
LoadBitmapW
LoadIconW
CreateIconIndirect
GetIconInfo
UnregisterClassW
LoadCursorW
RegisterClassW
MessageBoxW
GetUpdateRect
BeginPaint
DrawIcon
EndPaint
SetMenu
PostMessageW
SetForegroundWindow
InflateRect
GetUpdateRgn
GetSysColor
CreateWindowExW
SetWindowsHookExW
IsDialogMessageW
TrackPopupMenu
IsWindow
PtInRect
DdeUninitialize
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeGetLastError
DdeInitializeW
DdeDisconnect
DdeClientTransaction
DdeCreateStringHandleW
SetWindowRgn
DdeNameService
SystemParametersInfoW
SendMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
PeekMessageW
ReleaseDC
GetDC
VkKeyScanW
GetAsyncKeyState
GetSystemMetrics
GetKeyState
DdePostAdvise
BringWindowToTop
SetCursor
GetCapture
DestroyWindow
UnhookWindowsHookEx
UnregisterHotKey
RegisterHotKey
CallNextHookEx
GetActiveWindow
GetMenuItemCount
GetMenuItemInfoW
GetMessageTime
GetWindow
BeginDeferWindowPos
EndDeferWindowPos
InvalidateRect
SetWindowTextW
GetFocus
IsWindowEnabled
IsWindowVisible
CallWindowProcW
DefWindowProcW
DeferWindowPos
MoveWindow
ClientToScreen
ScreenToClient
UpdateWindow
RedrawWindow
SetParent
GetCursorPos
WindowFromPoint
GetParent
ScrollWindow
SetScrollInfo
GetScrollInfo
SetCursorPos
ReleaseCapture
SetCapture
ShowWindow
EnableWindow
SetFocus
SetWindowPos
SetWindowLongW
GetWindowLongW
FillRect
GetClientRect
GetWindowRect
DrawFrameControl
gdi32
GetDeviceCaps
CreatePen
RestoreDC
SaveDC
SetStretchBltMode
GetClipBox
ExtSelectClipRgn
ExtFloodFill
GetPixel
SetPixel
Polyline
PolyBezier
TextOutW
SetROP2
GetCharABCWidthsW
GetTextExtentExPointW
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
SetMapMode
GetBkColor
GetTextColor
SelectClipRgn
Arc
Pie
Polygon
SetPolyFillMode
PolyPolygon
Rectangle
RoundRect
CreateBitmap
GetStockObject
SetBrushOrgEx
MaskBlt
StretchBlt
StretchDIBits
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
GetNearestPaletteIndex
CreateFontIndirectW
LineTo
MoveToEx
CombineRgn
CreateRectRgnIndirect
RectInRegion
SetTextAlign
GetRgnBox
EqualRgn
PtInRegion
CreateDIBSection
GetDIBits
CreateDIBitmap
GetDIBColorTable
PatBlt
CreateICW
GetSystemPaletteEntries
SetAbortProc
EndDoc
StartPage
EndPage
StartDocW
CreateDCW
GetEnhMetaFileW
CopyEnhMetaFileW
DeleteEnhMetaFile
EnumFontFamiliesExW
GetTextFaceA
CreateFontIndirectA
GetCharacterPlacementW
ExtTextOutW
GetGlyphOutlineW
CreateSolidBrush
GetRegionData
ExtCreateRegion
OffsetRgn
SetBkMode
SetTextColor
CreatePalette
SetBkColor
CreateCompatibleBitmap
BitBlt
DeleteObject
DeleteDC
GetTextMetricsW
SelectObject
GdiFlush
RealizePalette
SelectPalette
GetTextExtentPoint32W
CreateRectRgn
ExcludeClipRect
GetObjectW
GetPaletteEntries
Ellipse
CreateCompatibleDC
comdlg32
PrintDlgW
ChooseFontW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PageSetupDlgW
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
shell32
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
ExtractIconExW
ExtractIconW
DragQueryFileW
DragFinish
DragQueryPoint
DragAcceptFiles
SHGetSpecialFolderLocation
ole32
CoCreateInstance
OleGetClipboard
ReleaseStgMedium
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleInitialize
OleUninitialize
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 535KB - Virtual size: 534KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 117KB - Virtual size: 323KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ