NEAS[.]e5e58d3feb870645882df7af25419520[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e5e58d3feb870645882df7af25419520.exe
Size

681KB
MD5

e5e58d3feb870645882df7af25419520
SHA1

d10206bf8eb0efa85ce739886b7d608e87ca6068
SHA256

8cd6db9d01b58766c08ffff11281c22e13453b131e8fd526957c0e29b98b184a
SHA512

8103bff94594ba38f9bcfbfd779793063db5afa26e06b004aca00108c40b35272267f7a0fd36c8c22fc55053cecbe0c5023a3fe0d98d278d626279a71266e99d
SSDEEP

12288:DC+YsEz2rccmeq5TBS3HuJSG2+I0/sel7rQL:JmE/meF0/sel7r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e5e58d3feb870645882df7af25419520.exe

Files

NEAS.e5e58d3feb870645882df7af25419520.exe
.exe windows:5 windows x86

0006fb471d89474ed15bab12241cb9fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextJustification
GetStretchBltMode
GetDeviceCaps

user32

GetDlgItem
LoadIconA
GetMenuContextHelpId
SetWindowTextA
RemovePropA
GetPropA
IsWindowEnabled
GetInputState
SetFocus
GetDialogBaseUnits
CheckDlgButton
SetDlgItemTextA
ShowWindow
GetDlgItemInt

kernel32

CloseHandle
DecodePointer
ReadConsoleW
ReadFile
SetEndOfFile
HeapReAlloc
HeapSize
WriteConsoleW
SetFilePointerEx
GetTimeZoneInformation
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
FlushFileBuffers
GetFileType
WriteFile
IsDebuggerPresent
GetLastError
GetVersion
GetTickCount
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalHandle
MoveFileA
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RaiseException
GetModuleFileNameW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
SetEnvironmentVariableA
CreateFileW
GetDriveTypeW
GetModuleHandleExW
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetStdHandle
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetACP
HeapFree
HeapAlloc
GetCurrentThread
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFullPathNameW
GetFullPathNameA
SetStdHandle
GetConsoleCP
GetConsoleMode
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW

advapi32

SystemFunction036

Sections

.text
Size: 605KB - Virtual size: 605KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0006fb471d89474ed15bab12241cb9fc

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

advapi32

Sections

.text Size: 605KB - Virtual size: 605KB

.rdata Size: 70KB - Virtual size: 70KB

.data Size: 4KB - Virtual size: 11KB

.text
Size: 605KB - Virtual size: 605KB

.rdata
Size: 70KB - Virtual size: 70KB

.data
Size: 4KB - Virtual size: 11KB