NEAS[.]c1f583bdbbc0db3c04b5fd7f780a9690[.]exe

General

Target

NEAS.c1f583bdbbc0db3c04b5fd7f780a9690.exe
Size

37KB
MD5

c1f583bdbbc0db3c04b5fd7f780a9690
SHA1

02315410963ea8538d52c442e7f35a05768df06e
SHA256

82a26ac4f4b84eefbaf3f25b048efb25f7350a6ca152dc53a390ebb41354c27c
SHA512

561ead87ad805d6a6547c8ed547e615bc77b0752d1e1ff13693c7fa96ba2bd6dc04ab757b33c306c85d04bb06e5f076b49b22b25fab1e3c1833b421d042c3f62
SSDEEP

768:k5oWHs77gmrtX0MiukcwtisQpsJg6Wo3xw:k507pwoQQCJg6V6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c1f583bdbbc0db3c04b5fd7f780a9690.exe

Files

NEAS.c1f583bdbbc0db3c04b5fd7f780a9690.exe
.exe windows:5 windows x86

1d47ae434e7bfbcce77a62a5b3a1352f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileW

comctl32

InitCommonControlsEx

kernel32

UnmapViewOfFile
MapViewOfFileEx
GetCurrentProcess
CreateDirectoryW
WaitForSingleObject
SetEvent
GetFileSize
IsBadReadPtr
WriteFile
GetFileAttributesW
GetModuleFileNameW
CreateFileW
CompareStringW
GetModuleHandleW
SetThreadPriority
GetTempPathW
GetLastError
CreateFileMappingW
CreateEventW
RemoveDirectoryW
lstrcatW
DuplicateHandle
CloseHandle
DeleteFileW
ResumeThread
CreateThread
ExitProcess
GetVersionExW
lstrcpynW
GetProcAddress
GetSystemInfo
lstrlenW
GetLocaleInfoW

user32

SetDlgItemTextW
MessageBoxW
IsWindow
CreateDialogParamW
ShowWindow
GetDlgItem
PeekMessageW
IsDialogMessageW
TranslateMessage
wsprintfW
MsgWaitForMultipleObjects
CharNextW
DestroyWindow
GetKeyboardLayoutList
GetDesktopWindow
GetWindowRect
SendMessageW
UpdateWindow
EnableWindow
DispatchMessageW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteExW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d47ae434e7bfbcce77a62a5b3a1352f

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

comctl32

kernel32

user32

advapi32

shell32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: - Virtual size: 528B

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: - Virtual size: 528B

.rsrc
Size: 17KB - Virtual size: 16KB