NEAS[.]e43bd8fd8836fc3385733a30bb71a0e0[.]exe

General

Target

NEAS.e43bd8fd8836fc3385733a30bb71a0e0.exe
Size

3.4MB
MD5

e43bd8fd8836fc3385733a30bb71a0e0
SHA1

51fdf72e43cb17d3ea47d212f6a409e5821daf36
SHA256

8b945a297dd198e2eebeaf053ac869510892a814ffa582df2fae108a7c8b6a20
SHA512

f11c36f2abbdad2235349b760230874462a1502254dab70e8d02c575d31cd513b0719539da765db2b4232af5880f52b4e52673adf94906cb12eadf0164afc6ec
SSDEEP

98304:qkmYyXewpW+tso+mqH1YNWOcMGrS8OkkKXm4raKdkfYQVdrRj:zmTLplsoxqH1fOgOkkhJB9Rx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e43bd8fd8836fc3385733a30bb71a0e0.exe

Files

NEAS.e43bd8fd8836fc3385733a30bb71a0e0.exe
.exe windows:4 windows x86 arch:x86

7ae0c777f3836dbf329516e49a34c164

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
SetUnhandledExceptionFilter
GetModuleHandleW
QueryPerformanceCounter
CloseHandle
Sleep
FreeLibrary
WideCharToMultiByte
SetLastError
HeapAlloc
DeleteCriticalSection
EnterCriticalSection
WriteFile
GetProcessHeap
CreateFileW
GetStdHandle
GetStartupInfoW
IsDebuggerPresent
GetCommandLineW
FindClose
ReadFile
RaiseException
SetEvent
GetFileType
TlsGetValue
GetModuleHandleA
HeapSetInformation
WriteConsoleW
LoadLibraryExW
TlsFree
RtlUnwind
LCMapStringW
GetModuleFileNameA
GetEnvironmentStringsW
FindNextFileW
FindFirstFileW
DeleteFileW
GetConsoleCP
GetCommandLineA
GetVersionExW
ReleaseMutex
CreateFileA
OutputDebugStringW
GetFileSize
VirtualFree
LoadLibraryA
GetLocaleInfoW
UnmapViewOfFile
GetExitCodeProcess

user32

TranslateMessage
DispatchMessageW
DestroyWindow
DefWindowProcW
MessageBoxW
PostQuitMessage
CreateWindowExW
GetMessageW
GetSystemMetrics
GetDC
GetWindowRect
SendMessageW
GetClientRect
SetWindowPos
EnableWindow
IsWindow
SetTimer
LoadIconW
SetFocus
SetForegroundWindow
BeginPaint
RegisterClassW
GetWindow
UpdateWindow
SystemParametersInfoW
GetKeyState
CharUpperW

Sections

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ae0c777f3836dbf329516e49a34c164

Headers

File Characteristics

Imports

kernel32

user32

Sections

.idata Size: 2KB - Virtual size: 1KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data Size: - Virtual size: 612KB

.text Size: 6KB - Virtual size: 6KB

.idata
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: - Virtual size: 612KB

.text
Size: 6KB - Virtual size: 6KB