NEAS[.]70dba4e2e58e2f37b406d7a26e5e0c60[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.70dba4e2e58e2f37b406d7a26e5e0c60.exe
Size

368KB
MD5

70dba4e2e58e2f37b406d7a26e5e0c60
SHA1

99bf2ec1164888e43de1a2c99c04ab2843ee8165
SHA256

a6e6c710da85e09746095c5bf00491ae0c1c55b96d1738a7b2f4446ec6b2529a
SHA512

3c8a4ea00989131f418427b479cc1ab2e92ef873ba0d5e5fbd5326b3f4b4af30b3de3c1b464f6d50077d120e1610c4bf9e94e77a316582c05e707cf1117a44aa
SSDEEP

6144:HyZIjV3Mryz+U+z7rSz2Ypf/YTynMfRLVzeX4S1ScfbJzLd2:HUEILU+z7Wa0f/05VyX4S8MJz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.70dba4e2e58e2f37b406d7a26e5e0c60.exe

Files

NEAS.70dba4e2e58e2f37b406d7a26e5e0c60.exe
.exe windows:4 windows x86 arch:x86

c724a6fb8be7dc1fa3e18c85f939d757

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
SHDeleteKeyA

kernel32

HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetSystemTimeAsFileTime
ExitThread
CreateThread
ExitProcess
TerminateProcess
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
SetErrorMode
InterlockedExchange
GetACP
GetLocaleInfoA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
GetVersion
lstrcmpiA
lstrlenW
lstrlenA
CompareStringA
CompareStringW
GetModuleFileNameA
Sleep
lstrcatA
lstrcpyA
FreeLibrary
LocalFree
FormatMessageA
LoadLibraryExA
GetComputerNameA
CopyFileA
FindNextFileA
FindFirstFileA
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryA
DeleteFileA
GetTimeZoneInformation
GetProcAddress
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
GetOEMCP
GetCPInfo
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindClose
GetVersionExA
LoadLibraryA
EnumResourceLanguagesA
ConvertDefaultLocale
GetModuleHandleA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
InterlockedIncrement
ReleaseMutex
CreateMutexA
FileTimeToSystemTime
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetTickCount
WritePrivateProfileStringA
FreeResource
WaitForSingleObject
ResumeThread
CloseHandle
GlobalAddAtomA
SetLastError
GlobalFree
MulDiv
GlobalUnlock
lstrcpynA
GetCurrentThread
GetCurrentThreadId
GetThreadLocale
GlobalLock

user32

MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
PostThreadMessageA
GetSysColorBrush
ReleaseCapture
LoadCursorA
SetCapture
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
CharUpperA
UnregisterClassA
wsprintfA
DrawIcon
CreatePopupMenu
AppendMenuA
SendMessageA
PostMessageA
GetSystemMenu
IsIconic
GetClientRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
PtInRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
RegisterClipboardFormatA
CopyRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
InvalidateRect
EnableWindow
LoadIconA
GetSystemMetrics
IsWindow
GetWindowRect
ReleaseDC
GetDC
MessageBoxA
PostQuitMessage
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
SetCursor
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
CreateWindowExA

gdi32

DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
CreateBitmap
GetDeviceCaps
SelectObject
GetTextMetricsA
CreateFontIndirectA
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyA
RegDeleteKeyA
GetUserNameA
RegQueryValueA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

comctl32

PropertySheetA
ImageList_Destroy
ord17

oledlg

ord8

ole32

CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CLSIDFromString
CoCreateGuid
StringFromGUID2
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
CoGetClassObject
CoRevokeClassObject
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard

oleaut32

OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
SysAllocString

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c724a6fb8be7dc1fa3e18c85f939d757

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 256KB - Virtual size: 252KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 256KB - Virtual size: 252KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 24KB - Virtual size: 22KB