NEAS[.]f50db870d11db91217a014fe2672069c51ae1e6c32547e09c99fef64c0a501fb[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.f50db870d11db91217a014fe2672069c51ae1e6c32547e09c99fef64c0a501fb.exe
Size

5.5MB
MD5

a61aac13f8a4841915791fb57aa2e275
SHA1

c34330fb238e0b9ea1cca921e42fb46966e1d577
SHA256

f50db870d11db91217a014fe2672069c51ae1e6c32547e09c99fef64c0a501fb
SHA512

9ee58ab3d775796cf73a2ce29ec9adbd3f72f789a5076a7d434d22f288ee012814af059738d6b9f23535ac9dad672ab255c88212bab7e9e7c72ee9be80cb7b7f
SSDEEP

98304:YF85vlOC7s2wQPc8V94nWFQO0R6dheB4/ncnREmThJ45aTyFXBuirxD02g9rX:COvPgZeORpR67e4/ncRZTQXBFrWd

Score

1^/10

Malware Config

Signatures

Files

NEAS.f50db870d11db91217a014fe2672069c51ae1e6c32547e09c99fef64c0a501fb.exe
.exe windows:6 windows x86 arch:x86

9ed5ffd9aebf2f772057cbc7c4430e2b

Code Sign

4a:af:62:63:63:a7:be:87:4b:4a:39:db:6f:24:d4:82
Certificate

Issuer

CN=Intel Celeron Skylake G3900 OEM v2

Not Before

16-12-2022 14:40

Not After

17-12-2032 14:40

Subject

CN=Intel Celeron Skylake G3900 OEM v2

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:eb:8d:c6:2f:67:69:d7:6a:48:17:66:6e:7b:1a:33:a7:a3:f1:da:a3:3c:f2:34:8e:fa:c6:76:83:66:53:77
Signer

Actual PE Digest

2b:eb:8d:c6:2f:67:69:d7:6a:48:17:66:6e:7b:1a:33:a7:a3:f1:da:a3:3c:f2:34:8e:fa:c6:76:83:66:53:77

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

shell32

SHGetFolderPathA

wininet

HttpOpenRequestA

ws2_32

closesocket

Sections

.text
Size: - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.~"(+)"~
Size: - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.~"(+)"~
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.~"(+)"~
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ed5ffd9aebf2f772057cbc7c4430e2b

Code Sign

4a:af:62:63:63:a7:be:87:4b:4a:39:db:6f:24:d4:82Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

2b:eb:8d:c6:2f:67:69:d7:6a:48:17:66:6e:7b:1a:33:a7:a3:f1:da:a3:3c:f2:34:8e:fa:c6:76:83:66:53:77Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

wininet

ws2_32

Sections

.text Size: - Virtual size: 292KB

.rdata Size: - Virtual size: 78KB

.data Size: - Virtual size: 18KB

.~"(+)"~ Size: - Virtual size: 4.1MB

.~"(+)"~ Size: 1KB - Virtual size: 1KB

.~"(+)"~ Size: 5.5MB - Virtual size: 5.5MB

.reloc Size: 7KB - Virtual size: 6KB

.rsrc Size: 5KB - Virtual size: 4KB

4a:af:62:63:63:a7:be:87:4b:4a:39:db:6f:24:d4:82
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

2b:eb:8d:c6:2f:67:69:d7:6a:48:17:66:6e:7b:1a:33:a7:a3:f1:da:a3:3c:f2:34:8e:fa:c6:76:83:66:53:77
Signer

.text
Size: - Virtual size: 292KB

.rdata
Size: - Virtual size: 78KB

.data
Size: - Virtual size: 18KB

.~"(+)"~
Size: - Virtual size: 4.1MB

.~"(+)"~
Size: 1KB - Virtual size: 1KB

.~"(+)"~
Size: 5.5MB - Virtual size: 5.5MB

.reloc
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 5KB - Virtual size: 4KB