NEAS[.]3df22664c55e5925ca69790904391c50[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3df22664c55e5925ca69790904391c50.exe
Size

36KB
MD5

3df22664c55e5925ca69790904391c50
SHA1

27e353fbd6773744965ac98178b6763f5974508b
SHA256

e4f212402390439f98bc5438d69eface3dbd94182fd7e93da80e86a40f8ecaeb
SHA512

9a2d97159c65e46b803fca06fa7f5ecb82011a59c2d5fe7b5946830aaae8e4af2455b25d262c15f384975c1b2f9e48061e99a84d17f3570c5913c771326a9f1b
SSDEEP

192:ICAnpF7N51GcNTfn3ACq7A6krA46/ThplpFEsWvj8:IJpFRzvqod6jTFEsWvj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3df22664c55e5925ca69790904391c50.exe

Files

NEAS.3df22664c55e5925ca69790904391c50.exe
.dll regsvr32 windows:4 windows x86 arch:x86

ccef1e852413cd01987726a2313c75f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
EnumResourceNamesW
FindResourceW
GetEnvironmentVariableW
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
LoadLibraryW
LoadResource
MultiByteToWideChar
SizeofResource

ntdll

_vsnprintf

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
_strdup
free
fwrite
getenv
memcmp
memmove
strchr
strcmp
strcpy
strcspn
strlen

Exports

Exports

DirectPlayNATHelpCreate
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 164B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccef1e852413cd01987726a2313c75f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

ucrtbase

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 80B

.rodata Size: 4KB - Virtual size: 28B

.rdata Size: 4KB - Virtual size: 592B

.bss Size: - Virtual size: 164B

.edata Size: 4KB - Virtual size: 802B

.idata Size: 4KB - Virtual size: 940B

.rsrc Size: 4KB - Virtual size: 952B

.reloc Size: 4KB - Virtual size: 324B

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 80B

.rodata
Size: 4KB - Virtual size: 28B

.rdata
Size: 4KB - Virtual size: 592B

.bss
Size: - Virtual size: 164B

.edata
Size: 4KB - Virtual size: 802B

.idata
Size: 4KB - Virtual size: 940B

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 4KB - Virtual size: 324B