NEAS[.]2293a97810a7e16c04937511826b2ad0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2293a97810a7e16c04937511826b2ad0.exe
Size

334KB
MD5

2293a97810a7e16c04937511826b2ad0
SHA1

9d9e2a45e16892d7c0db56119d9bf5ebf13a1675
SHA256

42841b10262540a9642edab557e6a6da588cb3f73a8753b5d6c058064ba2ca99
SHA512

99b4fb6c3680b0510600db27a75ed51dd946d538b3eb12b12fa1b4a7482cb6f6aa332150af76f5c97ea2d412461643eae66e2e64fa0d571c070a9ffc5ddd94ef
SSDEEP

6144:1H0908zFPhNzoEbl4ZaNl7uwZMabtXXihppMIQN:Vyowcsp3tOrQN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2293a97810a7e16c04937511826b2ad0.exe

Files

NEAS.2293a97810a7e16c04937511826b2ad0.exe
.dll regsvr32 windows:10 windows x86

d72f917f4a343e62e182accbe87dbfd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

memset
_CIpow
_CIsin
_CIsqrt
_alldiv
_allmul
_ftol2
memcmp
memcpy
wcstombs

msvcrt

_except_handler4_common
_onexit
__dllonexit
rand
_amsg_exit
_unlock
_XcptFilter
__CxxFrameHandler3
malloc
_initterm
??_V@YAXPAX@Z
free
time
_purecall
srand
_lock

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
InitializeCriticalSection
SetEvent
LeaveCriticalSection
CreateEventA
WaitForSingleObject
EnterCriticalSection

api-ms-win-core-com-l1-1-0

CoInitializeEx
CreateStreamOnHGlobal
CoTaskMemFree
CoUninitialize
CoCreateInstance
StringFromCLSID

api-ms-win-mm-time-l1-1-0

timeEndPeriod
timeGetTime
timeBeginPeriod

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
GetCurrentProcessId
SetThreadPriority
GetCurrentThreadId
CreateThread

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
GetModuleFileNameA

api-ms-win-core-string-obsolete-l1-1-0

lstrlenA

api-ms-win-core-registry-l2-1-0

RegDeleteKeyA
RegEnumKeyA

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

dsound

ord11

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d72f917f4a343e62e182accbe87dbfd0

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

msvcrt

api-ms-win-core-synch-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-mm-time-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-string-obsolete-l1-1-0

api-ms-win-core-registry-l2-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

dsound

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 175KB

.data Size: 3KB - Virtual size: 12KB

.idata Size: 3KB - Virtual size: 2KB

.didat Size: 512B - Virtual size: 24B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 148KB - Virtual size: 148KB

.text
Size: 176KB - Virtual size: 175KB

.data
Size: 3KB - Virtual size: 12KB

.idata
Size: 3KB - Virtual size: 2KB

.didat
Size: 512B - Virtual size: 24B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 148KB - Virtual size: 148KB