NEAS[.]1e3fa57f1151aeb4260cbe9422fd32e0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1e3fa57f1151aeb4260cbe9422fd32e0.exe
Size

3.1MB
MD5

1e3fa57f1151aeb4260cbe9422fd32e0
SHA1

187d09c9976e9f7abba9de57f1092d15ed9c2a04
SHA256

351c17563913880da5b7615369df2cd9e431809d6827282cf78a331a30e67655
SHA512

f426ba8737b7106d61883e1a1c9ac05b543373a949e259c07cd163302db39ff7e6bcda789ff598365a63a906f31612485be0e6e53b768c04c1cf8ed9ceda996c
SSDEEP

49152:AlvL98KQu+vHQZByECxlKPY9KPqfru2toaMETR6:aZByESlKPY93frDtlM86

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1e3fa57f1151aeb4260cbe9422fd32e0.exe

Files

NEAS.1e3fa57f1151aeb4260cbe9422fd32e0.exe
.exe windows:5 windows x86 arch:x86

edfbab5537407896bc155c55e2a3e622

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetWriteFile
HttpEndRequestW
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetGetConnectedState

d3dx9_43

D3DXGetPixelShaderProfile
D3DXCompileShader
D3DXGetVertexShaderProfile
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateTextureFromFileW

dbghelp

MiniDumpWriteDump

winmm

mciGetErrorStringA
mciSendStringA
joyGetPos
joyGetPosEx
joyGetDevCapsA
timeGetTime
waveInGetDevCapsW
waveInGetNumDevs
waveInAddBuffer
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
waveInOpen
waveInReset
waveInStart
waveInStop

ws2_32

ntohs
ntohl
htons
htonl
__WSAFDIsSet
getpeername
select
freeaddrinfo
WSAAddressToStringA
getaddrinfo
WSAGetLastError
gethostname
closesocket
shutdown
WSAStartup
WSACleanup
getsockopt
setsockopt
ioctlsocket
socket
bind
sendto
connect
inet_addr
send
recvfrom
inet_ntoa
recv
accept
listen

gdiplus

GdiplusStartup
GdiplusShutdown

comctl32

InitCommonControlsEx

kernel32

GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
LCMapStringA
GetFullPathNameA
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
SetFilePointer
SetStdHandle
ReadFile
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
FatalAppExitA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
WriteFile
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
SetLastError
GetStdHandle
SetHandleCount
IsDebuggerPresent
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
CreateDirectoryA
GetFileType
PeekNamedPipe
GetFileInformationByHandle
HeapReAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindNextFileA
GetDateFormatA
GetTimeFormatA
DeleteFileA
GetSystemTimeAsFileTime
SetFileAttributesW
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitProcess
HeapAlloc
HeapFree
HeapWalk
GetStringTypeW
GetTimeZoneInformation
MultiByteToWideChar
GetConsoleWindow
WideCharToMultiByte
OutputDebugStringW
CreateFileA
GetProcAddress
LoadLibraryW
GetFullPathNameW
GetCurrentDirectoryW
GetLastError
LocalFree
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
CreateThread
GetExitCodeThread
CloseHandle
Sleep
FreeLibrary
SetCurrentDirectoryA
LoadLibraryA
GetCurrentDirectoryA
GetExitCodeProcess
CreateProcessW
FindClose
DeleteFileW
FindNextFileW
RemoveDirectoryW
FindFirstFileW
GetFileAttributesA
GetFileAttributesW
CreateDirectoryW
GetEnvironmentVariableW
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
SetPriorityClass
GetCurrentProcess
GetCurrentThread
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExW
GetUserDefaultLCID
GetLocaleInfoW
ExpandEnvironmentStringsW
GetModuleFileNameW
MoveFileA
GetCommandLineW
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
ExitThread
WaitForSingleObject
SetEvent
CreateEventW
WaitForSingleObjectEx
RtlUnwind
RaiseException
InterlockedExchange
LocalAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEndOfFile
FormatMessageW
GetProcessHeap
HeapValidate

user32

GetDlgItem
SetDlgItemTextW
SetWindowTextW
GetDlgItemTextW
EndDialog
DialogBoxParamW
CreateDialogParamW
ScreenToClient
ReleaseDC
DrawTextW
GetDC
MoveWindow
ClientToScreen
GetMonitorInfoW
SetCursorPos
MapWindowPoints
GetCursorPos
wsprintfW
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
EnumDisplaySettingsW
ChangeDisplaySettingsW
SetWindowLongW
UpdateWindow
EnumDisplaySettingsExW
ShowWindow
GetAsyncKeyState
SetWindowTextA
IsClipboardFormatAvailable
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetFocus
MessageBoxA
SetDlgItemTextA
IsDialogMessageW
PeekMessageW
GetForegroundWindow
PostThreadMessageW
AdjustWindowRectEx
LoadImageW
LoadCursorW
RegisterClassExW
CreateWindowExW
SendMessageW
SetCursor
GetClientRect
GetWindowRect
DestroyWindow
PostMessageW
SetFocus
BringWindowToTop
SetForegroundWindow
SetWindowPos
keybd_event
DefWindowProcW
GetKeyState
CallNextHookEx
MessageBoxW
GetSystemMetrics

gdi32

GetDeviceCaps
CreateFontA
SelectObject
DeleteObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathA
SHGetFolderPathW
ShellExecuteW

Sections

.text
Size: 2.4MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 407KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mydata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edfbab5537407896bc155c55e2a3e622

Headers

DLL Characteristics

File Characteristics

Imports

wininet

d3dx9_43

dbghelp

winmm

ws2_32

gdiplus

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 2.4MB - Virtual size: 2.3MB

.rdata Size: 407KB - Virtual size: 407KB

.data Size: 164KB - Virtual size: 2.5MB

.mydata Size: 512B - Virtual size: 8B

.rsrc Size: 192KB - Virtual size: 191KB

.text
Size: 2.4MB - Virtual size: 2.3MB

.rdata
Size: 407KB - Virtual size: 407KB

.data
Size: 164KB - Virtual size: 2.5MB

.mydata
Size: 512B - Virtual size: 8B

.rsrc
Size: 192KB - Virtual size: 191KB