NEAS[.]e410d822e4f33818df0eea61de110500[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.e410d822e4f33818df0eea61de110500.exe
Size

463KB
MD5

e410d822e4f33818df0eea61de110500
SHA1

af708e837f1fbd5a0bfdc887be5844e474ccd8e8
SHA256

364a142d4ae671bb86d1685f7863619bc94d3a951c949f589808021b46b81e94
SHA512

4ac40f9bdf98935dffc93896160fbf27db6574130dfc52ef3c956e8fb47bce98876222a770eee77e8de965f0bff977655da999b3ae004d1a00c7cae8045c7b25
SSDEEP

6144:Dwe4kpqqcoqZp13Yo0OxPDMcOAwGfFOiRtOCBTb:6kP6Ip+qAxXPBTb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e410d822e4f33818df0eea61de110500.exe

Files

NEAS.e410d822e4f33818df0eea61de110500.exe
.exe windows:5 windows x86

dbf04104676a5e0bbbac9e3265d68825

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Destroy
ord17
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Draw
ImageList_SetBkColor

kernel32

Sleep
HeapSize
GetStringTypeW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
GetProcessHeap
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsProcessorFeaturePresent
IsDebuggerPresent
HeapAlloc
HeapFree
RaiseException
WideCharToMultiByte
GetCommandLineA
DecodePointer
EncodePointer
RtlUnwind
LCMapStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
HeapReAlloc
SetStdHandle
WriteConsoleW
AddAtomA
GetCurrentThreadId
DeleteAtom
FlushFileBuffers
WriteFile
GetFileType
GetCurrentDirectoryA
CreateFileW
GlobalFree
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersionExA
GetWindowsDirectoryA
GlobalDeleteAtom
FreeLibrary
LoadLibraryA
GetProcAddress
GetLastError
FormatMessageA
LocalFree
InterlockedDecrement
InterlockedIncrement
FindNextFileA
FindFirstFileA
GetModuleHandleA
GetModuleFileNameA
CloseHandle
FindClose
WaitForSingleObject
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
UnhandledExceptionFilter

user32

SetCapture
GetCapture
PtInRect
DefMDIChildProcA
DrawStateA
SetWindowsHookExA
SetPropA
CallNextHookEx
GetPropA
RemovePropA
IsWindowVisible
GetMenuItemRect
GetSubMenu
DrawMenuBar
OffsetRect
UnhookWindowsHookEx
GetMenuItemInfoA
GetMenuItemCount
DeleteMenu
DestroyMenu
SetCursor
DrawFocusRect
GetFocus
SetFocus
PostQuitMessage
CreateDialogIndirectParamA
ShowWindow
ReleaseCapture
SetForegroundWindow
EnableWindow
IsWindowEnabled
CreateDialogParamA
CallWindowProcA
DefFrameProcA
EnumChildWindows
GetClassNameA
DefWindowProcA
GetMessageA
TranslateMessage
GetParent
DispatchMessageA
DestroyWindow
GetSystemMetrics
ReleaseDC
IsMenu
SetWindowTextA
SetMenu
GetMenu
IsDialogMessageA
IsChild
GetWindowRect
SetWindowPos
GetWindowDC
GetDCEx
GetDC
SetWindowLongA
LoadIconA
CreateCursor
CreateIcon
GetSysColorBrush
LoadCursorA
RegisterClassExA
DestroyCursor
DestroyAcceleratorTable
UnregisterClassA
GetSysColor
SystemParametersInfoA
LoadStringA
wvsprintfA
GetWindowTextLengthA
GetWindowTextA
LoadImageA
DestroyIcon
GetWindowLongA
IsRectEmpty
FillRect
GetClientRect
InvalidateRect
EndPaint
BeginPaint
UpdateWindow
DrawTextA
GetDlgItem
IsWindow
SendMessageA
SetRectEmpty

gdi32

CreateCompatibleDC
GetObjectA
GetObjectType
CreateSolidBrush
CreateBitmap
CreatePatternBrush
SetTextColor
SetBkMode
SelectObject
GetStockObject
DeleteObject
CreateFontIndirectA
SaveDC
RestoreDC
GetBkColor
GetBkMode
GetClipBox
BitBlt
CreateCompatibleBitmap
DeleteDC

shell32

SHGetFileInfoA
SHGetSpecialFolderPathA
ShellExecuteA

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbf04104676a5e0bbbac9e3265d68825

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

shell32

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 7KB - Virtual size: 16KB

.rsrc Size: 338KB - Virtual size: 338KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 7KB - Virtual size: 16KB

.rsrc
Size: 338KB - Virtual size: 338KB