NEAS[.]9059582b03b754bb860434b3d750c690[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9059582b03b754bb860434b3d750c690.exe
Size

1.5MB
MD5

9059582b03b754bb860434b3d750c690
SHA1

a2d94b77cb587776f48087c3906ee7f4d9c3976d
SHA256

9fd9a8b0a58b40d31f59ea8ec3d0bbbd48faf8086de26428a538718521a262cb
SHA512

1025141acc086e3c15161c3be8c119b0433cea382aee85936b5d975b48d667793f7a5c1863a7d3af081ee15bb31008cf3c9b7b332a3c5952f2eab5bd417e43b4
SSDEEP

24576:ikAYmlCWCMGxffMu6pi+rJVi0jzDTjau7zDTjT3XwdXB/PEL3xed6XW2InxISG6P:4ZgAU3YAdXeInOS16aT7D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9059582b03b754bb860434b3d750c690.exe

Files

NEAS.9059582b03b754bb860434b3d750c690.exe
.exe windows:5 windows x86 arch:x86

953aa2cdd709d575de587ad7af309261

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
FlushFileBuffers
GetTempPathW
GetLastError
GetCurrentDirectoryW
MoveFileW
EnterCriticalSection
FindClose
ResetEvent
GlobalMemoryStatusEx
CreateEventW
RemoveDirectoryW
GetSystemInfo
GetThreadPriority
IsDebuggerPresent
FindNextFileW
GetFileAttributesExW
QueryPerformanceFrequency
DeleteCriticalSection
GetCurrentThreadId
SetThreadAffinityMask
ReleaseMutex
CloseHandle
DeleteFileW
MultiByteToWideChar
WideCharToMultiByte
FoldStringW
InterlockedExchangeAdd
OutputDebugStringA
LocalFree
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
EncodePointer
DecodePointer
HeapFree
SetThreadPriority
WriteConsoleW
GetFileType
GetStdHandle
HeapReAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
ExitThread
CreateThread
RaiseException
RtlUnwind
GetTimeZoneInformation
GetCPInfo
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapCreate
GetLocaleInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
HeapSize
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetTickCount
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
CompareStringW
SetEnvironmentVariableA
CreateFileW
GetModuleFileNameW
ReadFile
GetFileAttributesW
IsProcessorFeaturePresent
LeaveCriticalSection
GetVersionExW
FormatMessageW
Sleep
TerminateThread
LoadLibraryW
GlobalAlloc
GetPriorityClass
InitializeCriticalSection
WriteFile
GetCurrentThread
GetModuleHandleW
OutputDebugStringW
SetEvent
WaitForSingleObject
GlobalLock
CreateDirectoryW
QueryPerformanceCounter
GlobalSize
FreeLibrary
GetCurrentProcess
SetFilePointer
FindFirstFileW
SetPriorityClass
CreateMutexW
GetCommandLineW
ExitProcess
LoadLibraryA
GetProcAddress
HeapAlloc

user32

MapVirtualKeyW
GetUpdateRgn
CloseClipboard
EnumDisplayMonitors
SetCursor
DestroyWindow
EndPaint
CharLowerW
CharUpperW
CharLowerA
CharUpperA
EnumWindows
CreateIconIndirect
GetDC
GetCapture
TranslateMessage
GetForegroundWindow
RegisterClassExW
GetWindowPlacement
GetAsyncKeyState
InvalidateRect
SetCursorPos
GetAncestor
GetClipboardData
GetWindowTextW
SystemParametersInfoW
PeekMessageW
EnableMenuItem
EmptyClipboard
RedrawWindow
GetMessageW
DestroyCaret
GetDesktopWindow
SetWindowPos
GetSystemMenu
SetLayeredWindowAttributes
ShowWindow
SendMessageTimeoutW
GetActiveWindow
CreateCaret
CreateWindowExW
OpenClipboard
ReleaseCapture
GetSystemMetrics
SetCaretPos
SendMessageW
SetClipboardData
SetWindowTextW
DestroyIcon
DefWindowProcW
GetMessageTime
GetMessagePos
GetWindowThreadProcessId
BeginPaint
RegisterWindowMessageW
IsChild
SetCapture
UnregisterClassW
PostMessageW
SetForegroundWindow
GetFocus
SetWindowLongW
GetWindowLongW
SetParent
DispatchMessageW
GetCursorPos
GetWindowRect
GetParent
TrackMouseEvent
AttachThreadInput
LoadCursorW
GetWindowInfo
MessageBeep
WindowFromPoint
SetFocus
ShowCaret
DestroyCursor
ReleaseDC

gdi32

StretchDIBits
GetKerningPairsW
SetMapperFlags
SaveDC
GetOutlineTextMetricsW
SetMapMode
CombineRgn
CreateRectRgnIndirect
SelectObject
GetRegionData
CreateBitmap
ExcludeClipRect
GetDeviceCaps
CreateFontIndirectW
CreateDIBSection
DeleteDC
GetTextMetricsW
CreateRectRgn
DeleteObject
GetGlyphOutlineW
GetGlyphIndicesW
CreateCompatibleDC
RestoreDC

advapi32

RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyW

shell32

SHGetSpecialFolderPathW
ExtractAssociatedIconW
Shell_NotifyIconW

ole32

CoCreateGuid
RegisterDragDrop
CoTaskMemFree
PropVariantClear
CoInitialize
OleUninitialize
OleInitialize
CLSIDFromString
CoCreateInstance
RevokeDragDrop

winmm

midiInStop
midiInClose
midiInGetDevCapsW
midiInReset
midiInPrepareHeader
timeBeginPeriod
midiInStart
midiInAddBuffer
midiInOpen
timeGetTime
midiInGetNumDevs
midiInUnprepareHeader

msvfw32

DrawDibOpen
DrawDibDraw

imm32

ImmSetCandidateWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

953aa2cdd709d575de587ad7af309261

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

winmm

msvfw32

imm32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 184KB - Virtual size: 184KB

.data Size: 22KB - Virtual size: 32KB

.rsrc Size: 130KB - Virtual size: 130KB

.reloc Size: 70KB - Virtual size: 70KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 184KB - Virtual size: 184KB

.data
Size: 22KB - Virtual size: 32KB

.rsrc
Size: 130KB - Virtual size: 130KB

.reloc
Size: 70KB - Virtual size: 70KB