NEAS[.]c1ec5c1a2346fea989c60e0d5b826050[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c1ec5c1a2346fea989c60e0d5b826050.exe
Size

3.1MB
MD5

c1ec5c1a2346fea989c60e0d5b826050
SHA1

89a8eeda3d2002fc1969f0e3360b4a133605a655
SHA256

1f61364a9fc0a2d79273fc9cf13cb5b1a490bbadf931cc7abfb275d20ffc94b3
SHA512

17a24cb70edeca19730a1dde89a85841f9a3768720a9f6bf66e720053e6fb27d7e90b90dda382a64dc2be31779e68179f3a7bdc6165aeed507ffd0575fd26b75
SSDEEP

98304:4JCU3GQOPkBw+f8BMluzyRNqqbuSefoqV3aA:uF3GQO87fwMIzyRjKFf3h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c1ec5c1a2346fea989c60e0d5b826050.exe

Files

NEAS.c1ec5c1a2346fea989c60e0d5b826050.exe
.dll windows:5 windows x86

b51638b608c78a2a0908f2c16762a686

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

SetTextAlign
FlattenPath
CreateScalableFontResourceA

wintrust

CryptCATAdminAcquireContext

ole32

HBITMAP_UserMarshal
OleGetClipboard
CoTaskMemAlloc
CoReleaseServerProcess

setupapi

SetupDiDestroyDeviceInfoList
CM_Get_Device_Interface_List_Size_ExW

user32

SetCaretPos
IsWinEventHookInstalled
GetNextDlgTabItem
SetWindowRgn
EndDialog
SetKeyboardState

advapi32

RegCloseKey

rpcrt4

NdrPointerFree

shlwapi

StrCpyNW
StrChrW

oleaut32

SafeArrayCreate
GetErrorInfo

powrprof

GetActivePwrScheme

netapi32

NetShareSetInfo

comctl32

ImageList_LoadImageW

version

GetFileVersionInfoA

kernel32

DeleteTimerQueueEx
LocalFlags
GetBinaryTypeW
GetModuleFileNameW
GetUserDefaultLangID
WaitForSingleObject
SetPriorityClass
GetModuleHandleA
GetModuleFileNameA
FindVolumeMountPointClose

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 756KB - Virtual size: 755KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erloc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b51638b608c78a2a0908f2c16762a686

Headers

File Characteristics

Imports

gdi32

wintrust

ole32

setupapi

user32

advapi32

rpcrt4

shlwapi

oleaut32

powrprof

netapi32

comctl32

version

kernel32

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 316KB - Virtual size: 314KB

.data Size: 756KB - Virtual size: 755KB

.erloc Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 192KB - Virtual size: 189KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 316KB - Virtual size: 314KB

.data
Size: 756KB - Virtual size: 755KB

.erloc
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 192KB - Virtual size: 189KB