NEAS[.]209f2cc035823782908052ce95b4f7b0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.209f2cc035823782908052ce95b4f7b0.exe
Size

320KB
MD5

209f2cc035823782908052ce95b4f7b0
SHA1

52317797138ad852797b492ad5e48027edb9dfbb
SHA256

3b3f86112a759af4736a76a2058c2997b8edbf074e0a45d35f140bce84588a22
SHA512

bd1158e0bb3bd3d1148eea746cc1935c9e497a50075079cf54c13d1b1b50e30c221874064473416f2524281c9a76b6eeea70836305755ca2e3514f6eb4140621
SSDEEP

6144:IrwPnTI03Ab7ZIgF6nYfOup+lHYGGOxqPDAOCN:VnT6IA6nmO2+5YGzy6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.209f2cc035823782908052ce95b4f7b0.exe

Files

NEAS.209f2cc035823782908052ce95b4f7b0.exe
.dll windows:5 windows x86

5eeeef8f2dbe6ce8986f5b8b0797f94d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapDestroy
HeapAlloc
HeapFree
HeapValidate
VirtualQuery
GlobalSize
MultiByteToWideChar
LocalAlloc
GetProcAddress
WideCharToMultiByte
GetVersionExA
SetErrorMode
GetLastError
GetModuleHandleExW
GetCPInfo
GetACP
IsValidCodePage
lstrlenW
lstrlenA
GetProfileIntA
GetProfileIntW
GetProfileStringA
GetProfileStringW
LoadLibraryA
LoadLibraryW
IsDBCSLeadByteEx
Sleep
HeapCreate
HeapReAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
FreeLibrary
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InitializeCriticalSection
LocalFree

user32

RegisterClassExA
RegisterClassExW
UnregisterClassA
UnregisterClassW
CreateWindowExA
CreateWindowExW
LoadStringA
LoadStringW
DrawStateA
GetWindowDC
DestroyWindow
GetDlgItem
GetWindowRect
SetWindowPos
IsWindow
GetParent
BeginPaint
EndPaint
GetFocus
IsChild
SetCapture
GetCursorPos
MapWindowPoints
GetClientRect
GetSysColor
SetFocus
FillRect
GetDC
RedrawWindow
DrawFrameControl
CharNextA
ReleaseCapture
GetDesktopWindow
GetClassLongW
wvsprintfW
wvsprintfA
LoadBitmapA
CreateDialogIndirectParamA
SendNotifyMessageA
SetWindowsHookExA
IsDialogMessageA
DialogBoxParamA
LoadCursorA
LoadIconA
SetWindowLongA
GetWindowLongA
PostMessageA
SendMessageA
CallWindowProcA
DefWindowProcA
LoadBitmapW
CreateDialogIndirectParamW
SendNotifyMessageW
SetWindowsHookExW
IsDialogMessageW
DialogBoxParamW
LoadCursorW
LoadIconW
SetWindowLongW
GetWindowLongW
GetClassLongA
GetKeyState
MessageBeep
GetCursor
SetCursor
GetAsyncKeyState
AdjustWindowRect
FrameRect
GetSysColorBrush
IsWindowEnabled
EnableWindow
UpdateWindow
GetCapture
DrawEdge
ReleaseDC
PostMessageW
SendMessageW
CallWindowProcW
DefWindowProcW
GetSystemMetrics

comdlg32

ChooseColorW
ChooseColorA

msvcr90

_crt_debugger_hook
_decode_pointer
_encode_pointer
__FrameUnwindFilter
_amsg_exit
_cexit
_CxxThrowException
memmove
__CxxQueryExceptionSize
__CxxExceptionFilter
__CxxRegisterExceptionObject
__CxxDetectRethrow
__CxxUnregisterExceptionObject
memcpy
memset
??3@YAXPAX@Z
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_encoded_null

gdi32

GetTextExtentPoint32W
Polyline
SelectObject
GetObjectW
GetObjectA
ExtTextOutW
GetTextCharset
ExtTextOutA
CreateFontIndirectW
CreateFontIndirectA
TranslateCharsetInfo
GetTextMetricsW
GetTextMetricsA
SetBkColor
CreatePatternBrush
GetWindowExtEx
GetViewportExtEx
SelectPalette
RealizePalette
GetDIBits
GetPaletteEntries
StretchDIBits
SetROP2
SetTextAlign
GetTextAlign
SetBkMode
PolyPolyline
LPtoDP
BitBlt
CreateSolidBrush
CreateDIBitmap
DeleteObject
SaveDC
GetObjectType
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
RestoreDC
CreatePen
SelectClipRgn
CreateRoundRectRgn
GetStockObject
DPtoLP
SetTextColor
StretchBlt
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
GetDeviceCaps
IntersectClipRect
GetViewportOrgEx
GetClipBox

msvcm90

?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z

mscoree

_CorDllMain

Exports

Exports

BB_DropDownListProc
BB_DropDownProc
BB_EditProc
BB_WndProc
CreateButtonBarControl
CreateRulerControl
CreateStatusBar
CreateStatusBarW
RL_WndProc
SB_WndProc
TXToolsGetErrorCode
TXToolsGetVersion

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5eeeef8f2dbe6ce8986f5b8b0797f94d

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

msvcr90

gdi32

msvcm90

mscoree

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 129KB - Virtual size: 128KB

.data Size: 2KB - Virtual size: 6KB

.rsrc Size: 10KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 129KB - Virtual size: 128KB

.data
Size: 2KB - Virtual size: 6KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 4KB