NEAS[.]a3f4e45e9e12eb439bae0b3c5a5ef560[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a3f4e45e9e12eb439bae0b3c5a5ef560.exe
Size

178KB
MD5

a3f4e45e9e12eb439bae0b3c5a5ef560
SHA1

435a72e9e569d3f1d1295568d7c8ce4c66812d8d
SHA256

f4951af3a8a40e695932a7e0fe4ecc68ccb4b4e9648388c65f28e61643e4f7ac
SHA512

c85ffbef597842d666fe390e1853f7c7f4397f0cf0888b815ded8a0ad64cc01fadeb26805cdc744186b37ca4ced4f4b701e63f1ebc2cf843979bee17477bde57
SSDEEP

3072:UICDAV5Oi4B5Uu76LXinoEktig3jD0QUxWI3Ki:UIuAWiWdXYz5+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a3f4e45e9e12eb439bae0b3c5a5ef560.exe

Files

NEAS.a3f4e45e9e12eb439bae0b3c5a5ef560.exe
.exe windows:4 windows x86

ebc3cd45958616b61089f373d17c0e34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
EnumSystemCodePagesA
CreateIoCompletionPort
FileTimeToSystemTime
GetStartupInfoA
ContinueDebugEvent
CreateDirectoryW
GetBinaryTypeA
FatalAppExitA
EnumResourceTypesW

urlmon

CoInternetQueryInfo
URLDownloadToCacheFileW
RegisterMediaTypeClass
URLDownloadToCacheFileA
HlinkNavigateMoniker
URLOpenStreamW
CreateAsyncBindCtxEx
RevokeBindStatusCallback
URLOpenBlockingStreamA
CopyStgMedium
FindMediaType
CoInternetCompareUrl
CoInternetCreateZoneManager

comctl32

ImageList_SetIconSize
ImageList_SetDragCursorImage
FlatSB_GetScrollPos

ole32

CoGetMalloc
CLSIDFromProgID
PropVariantClear
OleGetIconOfClass
StgOpenStorageEx
OleConvertIStorageToOLESTREAMEx

shlwapi

PathIsRelativeA
PathIsDirectoryA
PathMatchSpecW
StrCSpnIA
SHEnumValueA
PathQuoteSpacesA
PathRelativePathToW
PathFindNextComponentA
PathQuoteSpacesW
StrNCatW
PathIsUNCServerShareA
StrToIntA
PathSearchAndQualifyW
PathIsURLA
PathGetArgsW

imm32

ImmGetConversionStatus
ImmGetCandidateListCountW
ImmGetContext
ImmReleaseContext

msvcrt

_acmdln
__getmainargs
exit
_XcptFilter
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_except_handler3
_exit
_initterm

user32

IsCharLowerW
DefMDIChildProcW
UnhookWindowsHookEx
EqualRect
GetKeyboardLayout
EnumPropsExA
GetTopWindow
LoadStringW
RegisterClassExW
FreeDDElParam
DrawIcon
SetCursor
CharToOemA
GetDC
ValidateRect
CheckMenuItem
EnableWindow
GetMenuContextHelpId
CallWindowProcA
IMPGetIMEW
SetWindowPlacement
ValidateRgn
GetPropA
PostQuitMessage
EnumChildWindows
GetQueueStatus
CharUpperBuffW
CopyIcon
CascadeWindows
LoadAcceleratorsW
GetClassInfoW
SetScrollInfo
RemovePropA
SetCaretBlinkTime
wvsprintfW
GetClassNameW
SendIMEMessageExA
GetTabbedTextExtentA
UnregisterClassW
UnregisterClassA
GetParent
DdeDisconnect
GetIconInfo
SendDlgItemMessageA
BeginDeferWindowPos
CharNextExA
EnumThreadWindows
ChangeMenuW
GetClipboardFormatNameW
MessageBoxA
OemToCharBuffA
SetWindowLongA
CharToOemW
wvsprintfA
DdeConnectList
IsZoomed
LoadIconW
CreateDialogIndirectParamA
SetMenu
DdeFreeStringHandle
SetDlgItemTextA
CallNextHookEx
EmptyClipboard
DdeCreateStringHandleW
CountClipboardFormats
InvertRect
DrawTextA
DrawFrameControl
DefFrameProcA
DdeFreeDataHandle
RemovePropW
SetSysColors
GetKeyboardType
CreateMDIWindowA
GetScrollPos
DestroyCursor
GetClassLongA
FrameRect
UpdateWindow
InsertMenuItemW
GetWindowPlacement
DialogBoxIndirectParamA
DefDlgProcW
SetCursorPos

gdi32

SetMetaFileBitsEx
GetFontLanguageInfo
SetAbortProc
EnumFontsW
SwapBuffers
SetMapMode
ExtTextOutA
GetStretchBltMode
DeleteDC
GetRgnBox
CreateFontIndirectA
RoundRect
DeleteObject
EndPage
SetPolyFillMode
CreateRectRgnIndirect
EnumMetaFile
CreateDIBSection
SetArcDirection
StretchDIBits
GetTextExtentExPointA

wininet

GopherFindFirstFileW
InternetDial
InternetSetOptionExW
DeleteUrlCacheEntry
InternetUnlockRequestFile
InternetOpenA
CreateUrlCacheEntryA
InternetCombineUrlW
InternetCreateUrlW

comdlg32

FindTextA

shell32

SHGetFileInfoW

winspool.drv

EnumPortsA
EnumPrinterDriversA

oleaut32

SafeArrayRedim
VarBstrFromI2
LoadTypeLibEx

pdh

PdhValidatePathA
PdhExpandCounterPathW
PdhGetCounterInfoW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebc3cd45958616b61089f373d17c0e34

Headers

File Characteristics

Imports

kernel32

urlmon

comctl32

ole32

shlwapi

imm32

msvcrt

user32

gdi32

wininet

comdlg32

shell32

winspool.drv

oleaut32

pdh

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 9.6MB

.rsrc Size: 52KB - Virtual size: 52KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 9.6MB

.rsrc
Size: 52KB - Virtual size: 52KB