NEAS[.]4431d47c514b5ecd8433bc1736e169d0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4431d47c514b5ecd8433bc1736e169d0.exe
Size

459KB
MD5

4431d47c514b5ecd8433bc1736e169d0
SHA1

5187d062df88af57160075fd21afd5380514afc5
SHA256

5f52a4909c7a209d8d8b28c034589a0a7df22a3c0018be93426bec6901f68af0
SHA512

db931780b518e6e69a6713ae766282c2f4f0e2ad8601cbc1bd88b410da700b75ba389b871670602fd1242d5b88a9208128dd47e9e60208587475aef0ae4bad3c
SSDEEP

12288:6/h4T/D/HARC3mw7PgUzkB05c8c8c/nntfy482hp7cY7N1wis0g:2mT/D/HeUzkac8c8c/nntt82Xp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4431d47c514b5ecd8433bc1736e169d0.exe

Files

NEAS.4431d47c514b5ecd8433bc1736e169d0.exe
.exe windows:5 windows x86

b653c1ff63e83f40f139e23bc76812a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

joyGetDevCapsA
timeGetTime
joyGetPosEx
joyGetNumDevs

dsound

ord1

imm32

ImmAssociateContext

avifil32

AVISaveOptions
AVISaveOptionsFree
AVIStreamSetFormat
AVIFileOpenA
AVIFileCreateStreamA
AVIFileExit
AVIStreamRelease
AVIFileInit
AVIMakeCompressedStream
AVIFileRelease
AVIStreamWrite

kernel32

GetProcAddress
LoadLibraryA
AllocConsole
SetConsoleTextAttribute
WaitForSingleObject
SetConsoleScreenBufferSize
GetConsoleCP
ReadConsoleInputA
FreeConsole
GetConsoleWindow
SetConsoleTitleA
GetStdHandle
WriteConsoleA
CloseHandle
GlobalLock
GlobalUnlock
CreateFileA
WriteFile
GlobalAlloc
GlobalFree
GetSystemInfo
ExitProcess
SetPriorityClass
GetCurrentProcess
GetLongPathNameA
GetModuleHandleA
LCMapStringW
WriteConsoleW
OutputDebugStringW
FlushFileBuffers
SetStdHandle
GetStringTypeW
HeapReAlloc
FreeEnvironmentStringsW
FreeLibrary
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetModuleFileNameW
WideCharToMultiByte
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
GetProcessHeap
RaiseException
GetStartupInfoW
DeleteCriticalSection
GetFileType
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCommandLineA
LoadLibraryExW
ExitThread
GetCurrentThreadId
CreateThread
Sleep
DeleteFileA
GetFileAttributesA
GetVersionExA
GetLocalTime
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetFullPathNameA
GetEnvironmentStringsW
CreateFileW
HeapSize
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
ReadFile
HeapAlloc
SetEndOfFile
GetLastError
HeapFree

user32

EndPaint
DestroyWindow
GetMessageA
IsMenu
PostQuitMessage
DeleteMenu
LoadMenuA
LoadIconA
EnumDisplaySettingsA
GetClientRect
SendMessageA
BeginPaint
GetWindowPlacement
CheckMenuRadioItem
SetWindowLongA
GetWindowLongA
CreateWindowExA
PeekMessageA
EnableMenuItem
TranslateAcceleratorA
DefWindowProcA
SetWindowPos
LoadAcceleratorsA
ShowWindow
SetMenu
DrawMenuBar
AppendMenuA
DispatchMessageA
InsertMenuA
SetWindowTextA
AdjustWindowRect
DestroyMenu
SetMenuItemInfoA
ChangeDisplaySettingsA
CheckMenuItem
RegisterClassA
GetDC
SetRect
MessageBoxA
InvalidateRect
ReleaseDC
UpdateWindow
ClientToScreen
CloseClipboard
ScreenToClient
ShowCursor
SetCursorPos
GetClipboardData
GetCursorPos
OpenClipboard
GetSystemMenu
GetAsyncKeyState
PostMessageA
RemoveMenu
TranslateMessage

gdi32

SetStretchBltMode
GetDeviceCaps
GetStockObject
BitBlt
DeleteDC
CreateDIBSection
StretchBlt
DeleteObject
SelectObject
CreateCompatibleDC
SetPixelV

comdlg32

GetOpenFileNameA

shell32

DragAcceptFiles
DragFinish
DragQueryFileA

d3d9

Direct3DCreate9

dinput8

DirectInput8Create

Sections

.text
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b653c1ff63e83f40f139e23bc76812a0

Headers

DLL Characteristics

File Characteristics

Imports

winmm

dsound

imm32

avifil32

kernel32

user32

gdi32

comdlg32

shell32

d3d9

dinput8

Sections

.text Size: 300KB - Virtual size: 300KB

.rdata Size: 139KB - Virtual size: 139KB

.data Size: 9KB - Virtual size: 3.6MB

_RDATA Size: 2KB - Virtual size: 1KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 300KB - Virtual size: 300KB

.rdata
Size: 139KB - Virtual size: 139KB

.data
Size: 9KB - Virtual size: 3.6MB

_RDATA
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 7KB - Virtual size: 6KB