Static task
static1
Behavioral task
behavioral1
Sample
NEAS.01821fa71cae3a90c3cd46c565e36950.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.01821fa71cae3a90c3cd46c565e36950.exe
Resource
win10v2004-20231020-en
General
Target
NEAS.01821fa71cae3a90c3cd46c565e36950.exe
Size
370KB
MD5
01821fa71cae3a90c3cd46c565e36950
SHA1
ae9c5cc210133f446f99a0cfdaef192766d73467
SHA256
ffffb08e57faf5d78c7832c1c31e6eab89c9c3766563d8b325ad3ecba6a2da70
SHA512
1dbb8edeb83938666c33b90dcfab33e450328ac1db20814ff916657931bf5a327e7b9ddcb2a8ab6489bc6d40e6c6318133c064425cf02dc5b354276308d62351
SSDEEP
6144:3QT+HdYmWEkq/vIeUh1z8GLEUbXgbtcXtAotLNBRfKqW6HuOy84R/Wlvd2HK:gTSYmrYeUh1z8GLEH0tlJN6qNHuOy84s
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.01821fa71cae3a90c3cd46c565e36950.exe
Files
NEAS.01821fa71cae3a90c3cd46c565e36950.exe.exe windows:4 windows x86
2600de708064dda79407f910e49e393a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
WSACleanup
inet_addr
gethostbyname
gethostname
WSAStartup
winmm
mixerClose
joyGetPosEx
mciSendStringA
mixerGetLineInfoA
mixerGetDevCapsA
mixerGetControlDetailsA
mixerGetLineControlsA
waveOutGetVolume
joyGetDevCapsA
waveOutSetVolume
mixerSetControlDetails
mixerOpen
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
comctl32
ImageList_Create
ord6
ImageList_ReplaceIcon
ord17
ImageList_GetIconSize
ImageList_Destroy
ImageList_AddMasked
kernel32
SetEnvironmentVariableA
MultiByteToWideChar
Beep
MoveFileA
OutputDebugStringA
CreateProcessA
CreateFileA
GetFileSize
ReadFile
MulDiv
WideCharToMultiByte
GetExitCodeProcess
WriteProcessMemory
ReadProcessMemory
FileTimeToLocalFileTime
OpenProcess
TerminateProcess
SetPriorityClass
SetLastError
GetEnvironmentVariableA
GetLocalTime
GetDateFormatA
GetTimeFormatA
SetErrorMode
GetDiskFreeSpaceA
SetVolumeLabelA
DeviceIoControl
GetDriveTypeA
GetVolumeInformationA
GetFileAttributesA
CreateDirectoryA
GlobalSize
WriteFile
DeleteFileA
SetFileAttributesA
LocalFileTimeToFileTime
SetFileTime
GetSystemTime
GetComputerNameA
GetWindowsDirectoryA
GetTempPathA
GetFullPathNameA
GetShortPathNameA
LoadLibraryA
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
CompareStringA
RemoveDirectoryA
CopyFileA
GetCurrentProcess
GetPrivateProfileStringA
WritePrivateProfileStringA
SystemTimeToFileTime
FileTimeToSystemTime
FormatMessageA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FindClose
FindNextFileA
FindFirstFileA
GetSystemTimeAsFileTime
GetModuleFileNameA
DeleteCriticalSection
GetVersionExA
GetLastError
CreateMutexA
CloseHandle
GetExitCodeThread
SetThreadPriority
CreateThread
lstrcmpiA
GetCurrentThreadId
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetModuleHandleA
GetProcAddress
GetCurrentDirectoryA
InitializeCriticalSection
SetCurrentDirectoryA
Sleep
GetTickCount
GetCurrentProcessId
GetStartupInfoA
user32
FlashWindow
MapWindowPoints
RedrawWindow
UpdateWindow
GetMessagePos
GetClassLongA
DefDlgProcA
CallWindowProcA
CheckRadioButton
IntersectRect
PtInRect
AppendMenuA
SetMenuDefaultItem
RemoveMenu
SetMenuItemInfoA
IsMenu
CreateMenu
CreatePopupMenu
DestroyMenu
TrackPopupMenuEx
GetDesktopWindow
CopyImage
DrawIconEx
GetWindow
BringWindowToTop
GetTopWindow
SendDlgItemMessageA
DialogBoxParamA
SetForegroundWindow
DefWindowProcA
FillRect
GetSysColorBrush
GetSysColor
RegisterWindowMessageA
GetIconInfo
ReleaseDC
GetDC
IsIconic
SetMenu
EnumWindows
GetWindowTextLengthA
SetDlgItemTextA
InvalidateRect
SetWindowPos
SetWindowRgn
SetFocus
SetActiveWindow
EnumChildWindows
MoveWindow
GetQueueStatus
GetWindowRect
GetClientRect
SystemParametersInfoA
AdjustWindowRectEx
DrawTextA
SetRect
SetWindowTextA
CheckMenuItem
SendMessageTimeoutA
MessageBoxA
SetClipboardViewer
LoadAcceleratorsA
EnableMenuItem
GetMenu
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadImageA
ChangeClipboardChain
DestroyIcon
DestroyWindow
IsCharAlphaA
MapVirtualKeyA
GetKeyNameTextA
VkKeyScanExA
GetWindowTextA
mouse_event
WindowFromPoint
GetSystemMetrics
ExitWindowsEx
IsWindowEnabled
GetMenuStringA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetCursor
ClientToScreen
GetCaretPos
EnumClipboardFormats
IsZoomed
MessageBeep
keybd_event
SetKeyboardState
GetKeyboardState
GetCursorPos
GetAsyncKeyState
EnableWindow
GetDlgItem
AttachThreadInput
UnregisterHotKey
RegisterHotKey
PostQuitMessage
CharUpperA
UnhookWindowsHookEx
SetWindowsHookExA
PostThreadMessageA
IsCharUpperA
IsCharLowerA
IsCharAlphaNumericA
ToAsciiEx
GetKeyboardLayout
CallNextHookEx
CharLowerA
OpenClipboard
GetClipboardData
GetClipboardFormatNameA
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageA
FindWindowA
EndDialog
IsWindow
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
ShowWindow
CountClipboardFormats
SetWindowLongA
ScreenToClient
IsDialogMessageA
SendMessageA
GetWindowLongA
GetKeyState
KillTimer
PeekMessageA
GetFocus
GetClassNameA
GetWindowThreadProcessId
GetForegroundWindow
GetMessageA
SetTimer
GetParent
GetDlgCtrlID
IsClipboardFormatAvailable
IsWindowVisible
gdi32
SetTextColor
GetPixel
ExcludeClipRect
BitBlt
CreateCompatibleBitmap
GetSystemPaletteEntries
GetDIBits
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
DeleteDC
CreateFontA
GetTextMetricsA
GetTextFaceA
SelectObject
GetStockObject
GetDeviceCaps
CreateDCA
CreateSolidBrush
SetBkColor
EnumFontFamiliesExA
GetObjectA
SetBkMode
GetClipBox
FillRgn
GetClipRgn
DeleteObject
comdlg32
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
GetUserNameA
OpenSCManagerA
LockServiceDatabase
UnlockServiceDatabase
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegConnectRegistryA
shell32
DragQueryPoint
SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteExA
Shell_NotifyIconA
DragFinish
DragQueryFileA
ExtractIconA
ole32
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
msvcr71
strchr
memmove
_strnicmp
strlen
memset
malloc
_iob
setvbuf
sprintf
__p___argv
__p___argc
strcpy
memcpy
strcmp
_stricmp
_i64toa
_atoi64
_strtoi64
isxdigit
_splitpath
strncpy
_vsnprintf
tolower
_msize
??2@YAPAXI@Z
qsort
??3@YAXPAX@Z
atoi
_itoa
exit
toupper
realloc
strtol
free
strcat
isprint
isspace
atof
strrchr
isdigit
strncmp
isalnum
fopen
fclose
_expand
ftell
_strdup
fread
memcmp
fgets
printf
_strtoui64
_ultoa
fputs
fwrite
fseek
fputc
fgetc
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strstr
Sections
.text Size: 317KB - Virtual size: 316KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ