NEAS[.]8ebdf1aa4d15559f7e9d81e707c18270[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.8ebdf1aa4d15559f7e9d81e707c18270.exe
Size

545KB
MD5

8ebdf1aa4d15559f7e9d81e707c18270
SHA1

50f810f9b8400675ef67c9e92ce3b54b8a4c81f1
SHA256

754904549e58ee12bbb82a8e9a113266e867c72b4e2685b24d94136423e35e57
SHA512

b4ae7daf1fa5c0b448be9e318748647297015e18a6100f920fcbbdbfb5210e194715c4471c80a39bcf069035468a91e71793dd3e73dbe3c8e9d347b4d7d46d15
SSDEEP

12288:RXGka400wzcG22uGVkz7m2df6DDg1ESYd73EkZu6iDJo8gTawru:RGkaAbGK0e7m2YgrY9016KAK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8ebdf1aa4d15559f7e9d81e707c18270.exe

Files

NEAS.8ebdf1aa4d15559f7e9d81e707c18270.exe
.exe windows:4 windows x86 arch:x86

4ab589c7f752c02d293f6dd6b33942f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
LeaveCriticalSection
lstrcmpiA
EnterCriticalSection
lstrlenA
GetVersion
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEndOfFile
SetFilePointer
SetFileTime
GetDriveTypeA
GetConsoleScreenBufferInfo
GetStdHandle
ReadFile
SetConsoleMode
GetConsoleMode
DosDateTimeToFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
SetVolumeLabelA
GetCurrentDirectoryA
SetEnvironmentVariableW
CreateDirectoryA
lstrcpynA
CreateMutexA
InterlockedExchange
WaitForSingleObject
ReleaseMutex
InitializeCriticalSection
GetCurrentProcess
CreateFileA
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
GetFullPathNameA
CloseHandle
MultiByteToWideChar
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
SetStdHandle
GetFileType
HeapReAlloc
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
WriteFile
FlushFileBuffers
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
GetExitCodeProcess
CreateProcessA
CompareStringA
CompareStringW
SetEnvironmentVariableA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
LoadLibraryA
RtlUnwind
GetLocaleInfoW
DeleteFileA
FindClose
FindFirstFileA

user32

CharToOemA
OemToCharA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetKernelObjectSecurity
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetSecurityDescriptorControl

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4ab589c7f752c02d293f6dd6b33942f6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 60KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 60KB