NEAS[.]0b268488a96405ce3cd870d79f747b80[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0b268488a96405ce3cd870d79f747b80.exe
Size

73KB
MD5

0b268488a96405ce3cd870d79f747b80
SHA1

17bf6cf0cdd55c687a1f418607593829b603069a
SHA256

fd81242972c6ae0abcd0d9ac6740a530e9c1c627475a23ff3bdf1ae0333f96ed
SHA512

de885d334be81f69cf085d494ddab31431ad3fa2c825b73b5a36d42b9581ddda2113b305d355882e40a9af7fd81f2cd51988df41b57f786073b0a7173299c6fc
SSDEEP

1536:aVgFjqBg6xTz1Ve9dDytf3XX0kdYSjG+0c:Fj8pzHqtO/RBG+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0b268488a96405ce3cd870d79f747b80.exe

Files

NEAS.0b268488a96405ce3cd870d79f747b80.exe
.dll windows:5 windows x86 arch:x86

a5558bec30dbda6969f609ece32f46dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
GetProcAddress
GetModuleHandleA
ReadFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
SetFileTime
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
DeleteFileA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
HeapReAlloc
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetModuleHandleW
ExitProcess
GetModuleFileNameA
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
FlushFileBuffers
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5558bec30dbda6969f609ece32f46dc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 63KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 63KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB