NEAS[.]197400d9798e6ee6e3e0dbd025fb0750[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.197400d9798e6ee6e3e0dbd025fb0750.exe
Size

3.2MB
MD5

197400d9798e6ee6e3e0dbd025fb0750
SHA1

50881a391073966619336c421eed23554fcff60f
SHA256

0679fcbba466fd020cb264f0f9c5af7b3a127bf55a66d49584e3e4500c27b52c
SHA512

92e19d69deece17858680fb1dfa45aa41acad0694715015ce1ced1855066498e804c875107dc095f3c89d318edcdd67b190ed72d37104ce0ff75d82b07202d6c
SSDEEP

98304:aSGostIPWzD3lfv2yUWuZASgrzGVvEMtm0BvvupbL9o/:tzy1CLuU1tm0Bvmp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.197400d9798e6ee6e3e0dbd025fb0750.exe

Files

NEAS.197400d9798e6ee6e3e0dbd025fb0750.exe
.exe windows:5 windows x86

2fbfdab3b633e598e5a2d7a707008499

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalGetAtomNameW
lstrlenA
GlobalFlags
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
FindFirstFileW
GetVolumeInformationW
GetWindowsDirectoryW
GetNumberFormatW
lstrcpyW
GetCurrentDirectoryW
InitializeCriticalSectionAndSpinCount
GetTempFileNameW
GetTempPathW
GetTickCount
GetProfileIntW
SearchPathW
VirtualProtect
GetUserDefaultLCID
GetCommandLineW
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapFree
DecodePointer
EncodePointer
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
ExitThread
HeapSize
HeapQueryInformation
ExitProcess
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
GlobalHandle
FormatMessageA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesExW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
SetThreadPriority
ActivateActCtx
ReleaseActCtx
DeactivateActCtx
CopyFileW
GlobalSize
CreateThread
ResumeThread
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WriteFile
GetFileSizeEx
QueryPerformanceCounter
GetCurrentThreadId
InterlockedCompareExchange
GetFileAttributesW
MulDiv
WaitForSingleObject
GetLocaleInfoW
lstrcmpiW
GetSystemDefaultLCID
GetSystemTimeAsFileTime
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
GetSystemInfo
GetCurrentProcess
GetVersionExW
lstrlenW
WideCharToMultiByte
TerminateProcess
FindResourceExW
FreeResource
FormatMessageW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetCurrentProcessId
ProcessIdToSessionId
GetUserDefaultUILanguage
RaiseException
LoadLibraryA
InterlockedExchange
GlobalReAlloc
TlsGetValue
GetFileTime
OutputDebugStringW
lstrcmpA
CreateFileW
CloseHandle
GetModuleFileNameW
VerSetConditionMask
VerifyVersionInfoW
GetFullPathNameW
ExpandEnvironmentStringsW
lstrcmpW
GetSystemDirectoryW
CreateProcessA
LocalAlloc
CreateProcessW
GetLastError
LoadLibraryExW
SetLastError
GetModuleHandleW
LocalFree
Sleep
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
FreeLibrary
InitializeCriticalSection

gdi32

SetBkMode
TextOutW
SetTextColor
SetBkColor
LineTo
Rectangle
SetDCPenColor
SetDCBrushColor
GetStockObject
DeleteObject
PolylineTo
MoveToEx
SelectObject
ExtCreatePen
CreateSolidBrush
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetDIBColorTable
StretchBlt
SetPixel
CreateDIBSection
CreateEllipticRgn
CreatePolygonRgn
GetTextColor
Polyline
Ellipse
Polygon
GetSystemPaletteEntries
CreateFontW
GetTextFaceW
GetBoundsRect
FillRgn
OffsetRgn
GetRgnBox
EnumFontFamiliesExW
CreateRoundRectRgn
PtInRegion
FrameRgn
SetPixelV
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetBkColor
DPtoLP
PatBlt
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
CreateBitmap
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
GetTextExtentPoint32W
GetDeviceCaps
GetTextMetricsW
CreateFontIndirectW
ExtFloodFill

oleaut32

VariantInit
VariantChangeType
SysFreeString
VariantClear
SysAllocStringLen
SysAllocString
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageRectI
GdipCreateFromHDC

wtsapi32

WTSQueryUserToken

winmm

PlaySoundW

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveFileSpecW
PathFindExtensionW

comctl32

ImageList_GetIconSize

msimg32

TransparentBlt
AlphaBlend

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

comdlg32

GetFileTitleW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RevertToSelf
ImpersonateLoggedOnUser
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW

ole32

CoInitialize
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleLockRunning
IsAccelerator
CoInitializeEx
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
OleTranslateAccelerator

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 454KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 864KB - Virtual size: 868KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2fbfdab3b633e598e5a2d7a707008499

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

oleaut32

oleacc

gdiplus

wtsapi32

winmm

shlwapi

comctl32

msimg32

imm32

winspool.drv

comdlg32

advapi32

ole32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 291KB - Virtual size: 291KB

.data Size: 26KB - Virtual size: 74KB

.rsrc Size: 454KB - Virtual size: 454KB

.reloc Size: 864KB - Virtual size: 868KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 291KB - Virtual size: 291KB

.data
Size: 26KB - Virtual size: 74KB

.rsrc
Size: 454KB - Virtual size: 454KB

.reloc
Size: 864KB - Virtual size: 868KB