Static task
static1
Behavioral task
behavioral1
Sample
NEAS.4a49bcbe437fe8ce400269cff9ede830.dll
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.4a49bcbe437fe8ce400269cff9ede830.dll
Resource
win10v2004-20231023-en
General
-
Target
NEAS.4a49bcbe437fe8ce400269cff9ede830.exe
-
Size
2.5MB
-
MD5
4a49bcbe437fe8ce400269cff9ede830
-
SHA1
cdc049989c5c8b0b088973b430a442787430e65a
-
SHA256
c94091010e241d027c829f03bba3cfd57a920adc3708c6f52168a8956376e1aa
-
SHA512
42637e5ac11cddb28b8718955a3e6521af6e94f7371f281f82d0b5ba734274f308707007a7783c20cd26a9c5d21689170e0b9cd8700a43a461c11faa9f9773cc
-
SSDEEP
49152:8OJjo3Go7ouPMPwCOoGf6y9vuKFNmF6nA9wceFI/erI1ewFlP3PwC/T0socSWrO:82o3GgPU7Gf6y9vuKCeA9BeFI/erRwF+
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource NEAS.4a49bcbe437fe8ce400269cff9ede830.exe
Files
-
NEAS.4a49bcbe437fe8ce400269cff9ede830.exe.dll windows:5 windows x86
b73a67d12f51f55c92f56e44e1cffd99
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetEnvironmentVariableA
GetEnvironmentVariableW
GetNumberFormatA
GetWindowsDirectoryA
Sleep
GetModuleHandleW
GetVersion
IsDBCSLeadByte
GetUserDefaultLCID
CopyFileA
GetTickCount
InterlockedIncrement
GetSystemTime
lstrcpyA
lstrcpyW
lstrlenW
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
SetErrorMode
InterlockedExchange
GetCurrentThread
EnumResourceLanguagesA
ConvertDefaultLocale
LoadLibraryExA
GetLocaleInfoA
SuspendThread
ResumeThread
SetThreadPriority
SetEvent
FindNextFileA
FormatMessageA
SearchPathA
GetTempPathA
LocalUnlock
LocalLock
GetTempFileNameA
GetDiskFreeSpaceA
LoadLibraryW
GetSystemDirectoryW
GlobalFlags
RaiseException
FindResourceExA
VirtualProtect
GetProfileIntA
MulDiv
GetCurrentProcessId
GetCurrentThreadId
GlobalAddAtomA
CompareStringA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
lstrcmpW
WaitForMultipleObjects
CreateEventA
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
WaitForSingleObject
TlsSetValue
LocalReAlloc
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GlobalHandle
TlsFree
GetLastError
InitializeCriticalSection
TlsAlloc
LocalFree
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
FreeLibrary
GetOEMCP
GetCPInfo
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalAlloc
GlobalSize
GlobalLock
GetShortPathNameA
GetModuleFileNameA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
DeleteFileA
MoveFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
lstrcmpA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
lstrlenA
GlobalGetAtomNameA
GetAtomNameA
SetLastError
msvcr90
_strlwr_s
_CxxThrowException
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
iswspace
_wcsrev
wcspbrk
_wcsicoll
wcsstr
_wcsupr_s
_wcslwr_s
vswprintf_s
_mbsrev
wcscoll
memmove
_vscwprintf
wcschr
_time64
_beginthread
_endthread
sscanf_s
atan2
_mbctolower
_mbctoupper
_ismbcprint
_ismbcalnum
_ismbcalpha
toupper
_mbsicoll
__CxxFrameHandler3
_mbscoll
exp
memcpy
fabs
floor
sin
cos
clock
sqrt
wcsspn
wcscspn
_mbslwr_s
wcsrchr
wcsncpy_s
_ultoa_s
_ltoa_s
_ismbcdigit
ceil
_snwprintf_s
wcscpy_s
_mbsnbcmp
_mbsupr_s
_mbsstr
_mbsnbicmp
__argv
__argc
_beginthreadex
_endthreadex
_fullpath
atol
_ismbcspace
_mbsdec
_strdup
_mbsspn
_mbscspn
_mbspbrk
wcscat_s
_expand
atoi
_recalloc
_mbsrchr
_mbsicmp
strtod
strtoul
strtol
_resetstkoflw
_wcsicmp
wcscmp
_makepath_s
_splitpath_s
wcsnlen
_vsnprintf_s
_snscanf_s
labs
abs
_ismbblead
calloc
_msize
strcat_s
_mbschr
_snprintf_s
_errno
strncpy_s
_mbscmp
_localtime64_s
_mktime64
realloc
fclose
fflush
ftell
fseek
fgets
fputs
fwrite
clearerr_s
ferror
feof
fread
__doserrno
_fdopen
_open_osfhandle
_fileno
_get_osfhandle
_mbsinc
strcpy_s
wcslen
_vscprintf
vsprintf_s
abort
free
malloc
memcmp
memset
strnlen
strlen
memmove_s
memcpy_s
sprintf_s
_mbsnbcpy_s
_purecall
_itoa_s
user32
SetWindowRgn
DrawIcon
IsClipboardFormatAvailable
MessageBeep
RemoveMenu
ValidateRect
PostQuitMessage
UnregisterClassA
ShowOwnedPopups
InsertMenuA
RegisterClipboardFormatA
SendNotifyMessageA
CopyAcceleratorTableA
InSendMessage
PostThreadMessageA
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextA
InvalidateRgn
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
DrawIconEx
SubtractRect
SetClassLongA
CopyIcon
LoadImageA
GetIconInfo
CopyImage
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawStateA
GetUpdateRect
IsMenu
NotifyWinEvent
DestroyAcceleratorTable
CreateAcceleratorTableA
GetKeyboardState
ToAsciiEx
GetKeyboardLayout
MapVirtualKeyExA
IsCharLowerA
DrawFrameControl
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
HideCaret
InvertRect
GetDoubleClickTime
GetWindowRgn
FrameRect
CharUpperBuffA
OemToCharBuffA
CharToOemBuffA
EnableMenuItem
MoveWindow
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetWindowTextA
GetSysColorBrush
GetMenuItemInfoA
GetMenuStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetDialogBaseUnits
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
FillRect
DrawFocusRect
LoadBitmapA
GetKeyNameTextA
MapVirtualKeyA
UnionRect
GrayStringA
DrawTextExA
DrawTextA
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
AppendMenuA
DeleteMenu
GetSystemMenu
DestroyCursor
SetParent
IsZoomed
ReleaseDC
GetDC
SetRect
SetTimer
KillTimer
InflateRect
RedrawWindow
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
DefFrameProcA
TranslateMessage
GetMessageA
ClientToScreen
WindowFromPoint
SetCapture
WaitMessage
GetCursorPos
LoadCursorA
GetMenuBarInfo
BringWindowToTop
InsertMenuItemA
CreatePopupMenu
InvalidateRect
ReuseDDElParam
UnpackDDElParam
DestroyMenu
LoadMenuA
GetActiveWindow
GetWindowThreadProcessId
ShowWindow
IsWindowEnabled
GetDesktopWindow
SetCursor
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
EnableWindow
LoadIconA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
DispatchMessageA
PeekMessageA
PtInRect
SetFocus
SetActiveWindow
GetFocus
AdjustWindowRectEx
DeferWindowPos
EqualRect
ScreenToClient
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
ScrollWindow
IsWindowVisible
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetParent
GetCapture
WinHelpA
RegisterClassA
GetClassInfoA
GetMenuItemID
GetSubMenu
GetMenuItemCount
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextA
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
RemovePropA
CallWindowProcA
GetPropA
DefWindowProcA
SetMenu
SetCursorPos
DestroyIcon
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
SetMenuItemBitmaps
IsRectEmpty
CheckMenuItem
GetMenu
GetMessagePos
GetMessageTime
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
SendMessageA
IsWindow
GetWindow
SetWindowPos
SetWindowLongA
GetWindowLongA
RegisterWindowMessageA
IntersectRect
OffsetRect
SystemParametersInfoA
GetWindowRect
GetWindowPlacement
IsIconic
MsgWaitForMultipleObjects
UnhookWindowsHookEx
GetSystemMetrics
CharUpperA
GetClientRect
gdi32
RoundRect
Polyline
GetDIBits
SetDIBColorTable
StretchBlt
CreateRoundRectRgn
FillRgn
GetBoundsRect
SetPixelV
FrameRgn
PtInRegion
CreatePolygonRgn
ExtFloodFill
SetPixel
SetPaletteEntries
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateDIBSection
GetSystemPaletteEntries
GetNearestPaletteIndex
RealizePalette
CreatePalette
GetPaletteEntries
Polygon
OffsetRgn
SetBrushOrgEx
GetRgnBox
CreateMetaFileA
CopyMetaFileA
LPtoDP
Ellipse
CreateEllipticRgn
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
DPtoLP
SetRectRgn
CombineRgn
GetMapMode
GetPixel
CreateDIBPatternBrushPt
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
EnumMetaFile
PlayMetaFile
PlayMetaFileRecord
GetObjectType
ExtSelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SelectClipRgn
OffsetWindowOrgEx
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
StartDocA
EnumFontFamiliesExA
CreateDCA
BitBlt
CreateRectRgnIndirect
PatBlt
UnrealizeObject
Rectangle
CreatePen
CreatePatternBrush
CreateBitmap
TextOutA
DeleteMetaFile
CloseMetaFile
RectVisible
PtVisible
IntersectClipRect
SetWindowOrgEx
GetWindowOrgEx
GetViewportOrgEx
GetDeviceCaps
Escape
ExtTextOutA
MoveToEx
GetTextExtentPointA
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetViewportExtEx
GetWindowExtEx
CreateFontIndirectA
GetTextFaceA
GetTextColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
GetBkColor
SelectObject
StretchDIBits
DeleteDC
CreateFontA
GetCharWidthA
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
GetStockObject
GetClipBox
shlwapi
UrlUnescapeA
PathRemoveExtensionA
PathFindExtensionA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
comctl32
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_GetIconSize
msimg32
TransparentBlt
AlphaBlend
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 186KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ