NEAS[.]4cffe080e7bb0a8f0c6c09fee5659f90[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4cffe080e7bb0a8f0c6c09fee5659f90.exe
Size

552KB
MD5

4cffe080e7bb0a8f0c6c09fee5659f90
SHA1

65e47ec1c6315f7acd45d22461fcf825d39d251f
SHA256

87ab696b65abbbf16829030ad6b9754d86ed65b83c23d8b8bb7e0ffe7efeb3bd
SHA512

516f1289118f27f1ef423b39f2dd3ab619eedad7bcf2e7d394adb75dca67f4cd617d49a7089e7db9630f4367e35420e5612a3c8b079a2466d88bcc9445426e92
SSDEEP

12288:G0byG+PKFYnx8E5HkhBldjixKJpRrT7OOTxTpSyFJ6KZH:G0+swxFEhBldixKJpRrT7OOTxTpSqIS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4cffe080e7bb0a8f0c6c09fee5659f90.exe

Files

NEAS.4cffe080e7bb0a8f0c6c09fee5659f90.exe
.dll windows:4 windows x64 arch:x64

7bf7b5ed7d99ad8250be54f53ef666e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy

kernel32

MultiByteToWideChar
FindClose
CloseHandle
WaitForSingleObject
SetEvent
SetThreadPriority
CreateEventA
GetModuleHandleA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlVirtualUnwind
SetLastError
TlsFree
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetProcAddress
RtlCaptureContext
IsDebuggerPresent
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
WideCharToMultiByte
GetPrivateProfileStringA
WritePrivateProfileStringA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentDirectoryA
SetCurrentDirectoryA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapSize
FormatMessageA
LoadLibraryA
GetThreadLocale
GetLastError
HeapFree
HeapReAlloc
HeapAlloc
RtlLookupFunctionEntry
RtlUnwindEx
ExitThread
GetCurrentThreadId
CreateThread
TlsSetValue
GetCommandLineA
GetVersionExA
GetProcessHeap
RaiseException
RtlPcToFileHeader
HeapSetInformation
HeapCreate
HeapDestroy

user32

InsertMenuItemA
SendMessageA
GetClientRect
DrawTextA
DefWindowProcA
LoadCursorA
RegisterClassA
GetParent
GetClassNameA
BeginPaint
GetWindow
IsWindowVisible
GetWindowLongA
GetSysColor
EndPaint
GetFocus
GetAsyncKeyState
GetCapture
GetWindowRect
ScreenToClient
SetWindowPos
ShowWindow
SetFocus
GetCursorPos
SetCapture
MessageBoxA
CreatePopupMenu
ReleaseCapture
TrackPopupMenu
DestroyMenu
KillTimer
SetTimer
IsChild
GetDC
ReleaseDC
LoadImageA
DestroyIcon
UnregisterClassA
DialogBoxParamA
CreateDialogParamA
DestroyWindow
InvalidateRect
IsDlgButtonChecked
CheckDlgButton
GetDlgItem
SetWindowLongA
PostMessageA
SetWindowLongPtrA
GetWindowLongPtrA
SendDlgItemMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA

gdi32

CreateFontA
SelectObject
SetBkMode
SetTextColor
BitBlt
CreateRectRgnIndirect
RectInRegion
CombineRgn
DeleteObject
CreateSolidBrush
FillRgn
GetDeviceCaps

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

DragQueryFileA
DragFinish

Exports

Exports

VSTPluginMain

Sections

.text
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bf7b5ed7d99ad8250be54f53ef666e4

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 371KB - Virtual size: 371KB

.rdata Size: 120KB - Virtual size: 119KB

.data Size: 13KB - Virtual size: 29KB

.pdata Size: 10KB - Virtual size: 10KB

.data1 Size: 7KB - Virtual size: 6KB

.trace Size: 12KB - Virtual size: 11KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 371KB - Virtual size: 371KB

.rdata
Size: 120KB - Virtual size: 119KB

.data
Size: 13KB - Virtual size: 29KB

.pdata
Size: 10KB - Virtual size: 10KB

.data1
Size: 7KB - Virtual size: 6KB

.trace
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 6KB - Virtual size: 6KB