NEAS[.]ef11230a8ac75e939b8a54594803c350[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.ef11230a8ac75e939b8a54594803c350.exe
Size

215KB
MD5

ef11230a8ac75e939b8a54594803c350
SHA1

7fcaac43551b1d981c41f76feb833ff2ada9b691
SHA256

be0b936f4322fa5c3cf72589a5faf5e3f126f2536265423b905f324689db0f83
SHA512

e5b1c3e448b4a9a46ce8e7e22b4e454d0934ad20169534babc5049f16ea882e2f0e456f7ad424c310677241a55e7611d43d22289fb15f0de9222ab829639ba36
SSDEEP

6144:5+Gupq7CAM0TDJZJ8uMYG83Qnqi9p07Sl:5+GmwCt0PWNsJiK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ef11230a8ac75e939b8a54594803c350.exe

Files

NEAS.ef11230a8ac75e939b8a54594803c350.exe
.exe windows:4 windows x86

fc654781844d06a6ccaad40505274c80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreA
CreateNamedPipeA
GetUserDefaultLangID
lstrcmpW
GetModuleHandleA
OpenSemaphoreA
FindResourceW
GetSystemDefaultLangID
IsValidCodePage
CopyFileA
CreateNamedPipeW
GetProcAddress

user32

DefDlgProcA
CreateDialogIndirectParamA
GetCaretPos
GetClassNameA
CheckDlgButton
SetWindowTextA
WaitForInputIdle
InvalidateRect
GetMenuItemInfoA
ActivateKeyboardLayout
LoadIconW
SetWindowRgn
MonitorFromPoint
DrawTextW
CharNextW
PostQuitMessage
EnumWindows
GetDesktopWindow
GetDCEx
GetMenuItemID
ChildWindowFromPoint
GetDlgItemTextW
TrackPopupMenuEx
InvalidateRgn
CharPrevA
WinHelpA
CharNextA
CreateWindowExA
PeekMessageW
GetMenu
LoadCursorW
UpdateWindow
DialogBoxIndirectParamA
EnumDesktopsA
MessageBoxIndirectW
GetWindowTextLengthW
GetCapture
DestroyCursor
LoadImageA
CreateDesktopW
CreateDesktopA
LoadMenuA
PeekMessageA
GetActiveWindow
GetSysColor
SetMenu

gdi32

SetColorSpace
GetROP2
SetEnhMetaFileBits
GetEnhMetaFileHeader
AnimatePalette
SetTextCharacterExtra
CreateDIBPatternBrush
SelectBrushLocal
GetPolyFillMode
CreateFontIndirectW
GetSystemPaletteEntries
CreatePolygonRgn

advapi32

RegCloseKey
RegSaveKeyA
RegSaveKeyW
RegReplaceKeyA
RegOpenKeyW
RegCreateKeyExW

shlwapi

PathFindExtensionA
SHSetThreadRef
PathIsSameRootW
SHOpenRegStreamW
SHRegGetBoolUSValueA
SHStrDupA
PathRemoveBackslashW
PathAddBackslashW

oleaut32

VarUI2FromI8
VarUI4FromUI1
SafeArrayGetLBound
VarI4FromUI2
DispCallFunc
VarCyMul

setupapi

SetupDiGetClassDevsW
CM_Get_Device_ID_Size
SetupCreateDiskSpaceListW
SetupQueueCopyA
SetupDiOpenClassRegKeyExW
CM_Set_Class_Registry_PropertyA
SetupCommitFileQueueW
pSetupGetRealSystemTime
CM_Get_Class_Registry_PropertyW
CM_Get_Device_Interface_List_SizeA

ws2_32

htonl
sendto
WSARecvDisconnect

winmm

PlaySoundA
mxd32Message
waveInAddBuffer
waveOutClose
mciGetErrorStringA
midiOutPrepareHeader

winspool.drv

FindNextPrinterChangeNotification
CloseSpoolFileHandle
EndDocPrinter
PrinterMessageBoxW
SetPrinterA
DeletePrintProcessorW
DevQueryPrintEx
DeletePrinterDriverExW
StartDocPrinterW

oledlg

OleUIUpdateLinksW
OleUIPasteSpecialW
OleUIEditLinksW
OleUIInsertObjectW
OleUIChangeIconA
OleUIAddVerbMenuA
OleUIBusyW
OleUIInsertObjectA

Sections

.NZx
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Px
Size: 4KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tU
Size: 3KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.S
Size: 4KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HdkoD
Size: 4KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UYbwZ
Size: 1KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 738B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc654781844d06a6ccaad40505274c80

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

oleaut32

setupapi

ws2_32

winmm

winspool.drv

oledlg

Sections

.NZx Size: 11KB - Virtual size: 10KB

.Px Size: 4KB - Virtual size: 292KB

.tU Size: 3KB - Virtual size: 377KB

.S Size: 4KB - Virtual size: 33KB

.HdkoD Size: 4KB - Virtual size: 150KB

.data Size: 131KB - Virtual size: 448KB

.UYbwZ Size: 1KB - Virtual size: 386KB

.rsrc Size: 54KB - Virtual size: 53KB

.reloc Size: 1024B - Virtual size: 738B

.NZx
Size: 11KB - Virtual size: 10KB

.Px
Size: 4KB - Virtual size: 292KB

.tU
Size: 3KB - Virtual size: 377KB

.S
Size: 4KB - Virtual size: 33KB

.HdkoD
Size: 4KB - Virtual size: 150KB

.data
Size: 131KB - Virtual size: 448KB

.UYbwZ
Size: 1KB - Virtual size: 386KB

.rsrc
Size: 54KB - Virtual size: 53KB

.reloc
Size: 1024B - Virtual size: 738B