NEAS[.]b3cf15826ca5c2920282a1168c83c040[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b3cf15826ca5c2920282a1168c83c040.exe
Size

352KB
MD5

b3cf15826ca5c2920282a1168c83c040
SHA1

d866b364d193206c8f1cd081ed1b2a6f2943e76a
SHA256

46529078ffb3a1e252173e4b2c544863ae939df09e26acb91ed52dbca7326e16
SHA512

301e7372ed34e0822688858514ee9dea52204e3c003ebb036ec4f79198fe96c86b6a297f2f118352671bb8e0f1124c261a06cc3d9c056ac2daf0651990c376f0
SSDEEP

3072:8GlTq2ZIJY2i6sgQSwwehkH84WimKLRofBDy6V6OdWALFXWYN/YdhrtwVXDM/DtD:8Z2WY261PqWigy6VbWWD/nV76i8UtNO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b3cf15826ca5c2920282a1168c83c040.exe

Files

NEAS.b3cf15826ca5c2920282a1168c83c040.exe
.exe windows:4 windows x86

90edc676756f4b389d75c0cc96e7556f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetSystemTimeAsFileTime
SetLastError
GetLocalTime
MultiByteToWideChar
CloseHandle
WriteFile
SetFilePointer
CreateFileW
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
GetModuleFileNameA
CreateProcessW
CreateProcessA
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
GetFileAttributesW
GetLocaleInfoA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ReadFile
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
HeapSize
ExitProcess
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
VirtualAlloc
GetStartupInfoA
GetProcessHeap
GetVersionExA
GetCommandLineA
VirtualFree
HeapCreate
HeapDestroy
GetConsoleOutputCP
DeleteFileA
RemoveDirectoryW
DeleteFileW
HeapReAlloc
HeapAlloc
SetUnhandledExceptionFilter
CreateThread
ResumeThread
ExitThread
RtlUnwind
HeapFree
RaiseException
WriteConsoleW
MoveFileA
CopyFileA
CopyFileW
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindClose
GetLastError
FindResourceA
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
GetVersion
GetTempPathA
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
CompareStringW
SetEnvironmentVariableA
LCMapStringA
RemoveDirectoryA
CompareStringA

user32

DrawTextA
DrawTextW
SetWindowTextA
SetWindowTextW
CreateWindowExA
CreateWindowExW
RegisterClassExW
CallWindowProcA
CallWindowProcW
SetWindowLongA
SetWindowLongW
GetWindowLongA
GetWindowLongW
DefWindowProcA
DefWindowProcW
FillRect
GetSysColorBrush
PostQuitMessage
GetSystemMenu
EnableMenuItem
IsWindowUnicode
LoadBitmapA
GetParent
PostMessageA
BeginPaint
EndPaint
SetCapture
GetDC
ReleaseDC
GetCapture
ReleaseCapture
GetClientRect
PtInRect
DestroyWindow
GetDesktopWindow
GetWindowRect
LoadCursorA
SetFocus
ShowWindow
UpdateWindow
SendMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
SetForegroundWindow
InvalidateRect
RegisterClassExA

gdi32

SetTextColor
CreatePen
Rectangle
MoveToEx
LineTo
CreateSolidBrush
CreateCompatibleDC
GetObjectA
SelectObject
BitBlt
StretchBlt
DeleteDC
SetBkMode
GetStockObject
DeleteObject
CreateFontIndirectA
CreateDIBSection

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegQueryValueExW

shell32

ExtractIconA

Sections

.text
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90edc676756f4b389d75c0cc96e7556f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 152KB - Virtual size: 148KB

.rdata Size: 136KB - Virtual size: 133KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 152KB - Virtual size: 148KB

.rdata
Size: 136KB - Virtual size: 133KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 52KB - Virtual size: 51KB