NEAS[.]1c94f48a19e92f6af09a094eaf3c6f60[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1c94f48a19e92f6af09a094eaf3c6f60.exe
Size

6.1MB
MD5

1c94f48a19e92f6af09a094eaf3c6f60
SHA1

9e3647af3ebce821386cfc5201a6fca6275a220a
SHA256

6a2f6c7724548928523847e86e3bca414aa19420377991bf3b2f38fe00418628
SHA512

2169a726f828fba0e14af81d1a40fd99b0fa32d6a42381a139340397affd98c20f9f011641537072f40bae8d7967672c4e680848c6031becc6b51ed4e317308b
SSDEEP

98304:waTZlnlZ5dAgI0BT1+0stWu+YrjKlUPA3jKcWB2VO0F7F/E4LDP47zr45kS1Ai:3bv5dAgHH+/tWu36Ug7JJ84I7zrVi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1c94f48a19e92f6af09a094eaf3c6f60.exe

Files

NEAS.1c94f48a19e92f6af09a094eaf3c6f60.exe
.dll windows:6 windows x86

7e5c99f4cedafb8d293f1b25707f1eda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
CloseHandle
GetModuleFileNameW
OutputDebugStringW
WaitForSingleObject
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetOEMCP
GetACP
IsValidCodePage
GetFileType
GetStdHandle
HeapSize
SetStdHandle
WriteConsoleW
ReadConsoleW
CreateFileW
TlsAlloc
GetStringTypeW
SizeofResource
GetLocaleInfoW
SwitchToThread
DeleteFileW
IsDebuggerPresent
CreatePipe
FlushFileBuffers
FileTimeToSystemTime
GetExitCodeProcess
Sleep
IsValidLocale
SetCommTimeouts
VirtualQueryEx
GetTickCount
VirtualFree
WriteFile
SignalObjectAndWait
CreateFileA
HeapFree
GetCommState
LoadResource
GetFileSize
FreeEnvironmentStringsW
GetModuleHandleExW
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetLastError
HeapReAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesW
GetProcessHeap
ExitProcess

user32

InvalidateRect
SetDlgItemTextA
SetTimer
SetWindowsHookExA
CheckMenuItem
GetKeyState
IsZoomed
GetSubMenu
DeleteMenu
SetScrollRange
GetDC
InflateRect
GetScrollInfo
MessageBoxA
GetWindowLongA
SetScrollPos
EnableMenuItem
SetWindowLongW
CheckRadioButton
MessageBoxW
BeginDeferWindowPos
GetCaretBlinkTime
ToUnicode
DrawFrameControl
SetScrollInfo
SetRect

gdi32

LineTo
SelectClipRgn
GetNearestPaletteIndex
PolyPolygon
SetLayout
PatBlt
CreateHatchBrush
CreateFontA
ExcludeClipRect
CreateHalftonePalette
CreateCompatibleDC
Rectangle
ExtCreateRegion
GetTextExtentPointW
SetPaletteEntries
GetDIBColorTable
GetCharABCWidthsFloatA
GetSystemPaletteEntries
RectVisible
RoundRect
CreateDIBitmap
CreatePolygonRgn

comdlg32

GetSaveFileNameW

advapi32

RegQueryInfoKeyW
RegLoadKeyW
EqualSid
QueryServiceStatus
LookupPrivilegeValueW

oleaut32

SafeArrayGetLBound

Sections

.text
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.6MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e5c99f4cedafb8d293f1b25707f1eda

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

oleaut32

Sections

.text Size: 420KB - Virtual size: 419KB

.data Size: 5.6MB - Virtual size: 6.4MB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 420KB - Virtual size: 419KB

.data
Size: 5.6MB - Virtual size: 6.4MB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 11KB - Virtual size: 10KB