64c2b7a251536d6c85e4590bae326b50_NEAS

Sharing

Copy URL Twitter E-mail

General

Target

64c2b7a251536d6c85e4590bae326b50_NEAS
Size

72KB
MD5

64c2b7a251536d6c85e4590bae326b50
SHA1

623cfbf716d310fe59778a25a9eebb92b6998a4b
SHA256

26202c7d7cfbe0e8ff9534e3f0a58e913a00f5808675347d08019458e4ecf192
SHA512

6789c1586bb18a33a8c823250b31f575a6549237eed29a2a60277bc70514e939ce846ada9c0397ef17dc063101bf1e814db0e1c71f5773d53b9ff4399ab61221
SSDEEP

1536:X44AqTTEDpqHlL5sa7YSiHZxPSpobYV20JlkzfZ2EqCnEuZ:ILQlfS5xPSo8VnlkTZHqCnH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64c2b7a251536d6c85e4590bae326b50_NEAS

Files

64c2b7a251536d6c85e4590bae326b50_NEAS
.dll windows:4 windows x86 arch:x86

015e3023aa9dc95311fe56415d0f69bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetWaitableTimer
LocalShrink
GlobalLock
GetThreadContext
GetDiskFreeSpaceA
GetLogicalDrives
ProcessIdToSessionId
OpenFileMappingA
WriteConsoleOutputCharacterW
GetVersionExA
FileTimeToDosDateTime
GetFileSize
GlobalFree
SetThreadExecutionState
CopyFileExA
BeginUpdateResourceA
SleepEx
SetEnvironmentVariableA
IsProcessorFeaturePresent
GetTickCount
HeapQueryInformation
GetPriorityClass
EndUpdateResourceA
GetDllDirectoryA
GetLocalTime
HeapReAlloc
GetPrivateProfileSectionNamesW
GetConsoleSelectionInfo
WritePrivateProfileStringA
GetSystemWindowsDirectoryA
OpenJobObjectA
SetFileAttributesA
VirtualAllocEx
GetProcessWorkingSetSize
GetDriveTypeA
PulseEvent
DisconnectNamedPipe
lstrlenA
GetFullPathNameA
VirtualLock
SetConsoleDisplayMode
GetThreadTimes
ClearCommBreak
GetCPInfoExA
PeekConsoleInputA
SystemTimeToFileTime
GetEnvironmentStringsA
FlushFileBuffers
SetConsoleLocalEUDC
ReadConsoleInputA
GetCalendarInfoA
GetThreadPriorityBoost
DeleteAtom
OpenFileMappingA
LocalHandle
DebugBreak
GetStartupInfoA
GetStringTypeExA
CommConfigDialogA
LZClose
SetFirmwareEnvironmentVariableA
SetLastError
OutputDebugStringA
GetCurrentDirectoryA
IsBadHugeWritePtr
WriteConsoleOutputA
GlobalUnlock
GetThreadLocale
WriteConsoleOutputA
GetCommandLineA
MoveFileExA
WriteConsoleOutputA
GetConsoleHardwareState
GetConsoleCP
SetHandleInformation
SetFileShortNameA
OpenWaitableTimerA
GetFileAttributesExA
CreateTimerQueueTimer
OpenJobObjectA
Process32First
QueryDosDeviceA
lstrcmpi
GetCommTimeouts
ReadConsoleOutputA
CreateFileA
ClearCommError
GetDateFormatA
GetFileTime

winmm

timeGetSystemTime

user32

TrackPopupMenu
CloseDesktop
DrawFocusRect
CharToOemBuffA
RegisterTasklist
ToAsciiEx
DestroyMenu
GetNextDlgTabItem
SetMessageQueue
ScrollDC
DestroyIcon
RegisterWindowMessageA
SetCursor
MonitorFromRect
DlgDirListComboBoxA
CopyAcceleratorTableA
DrawMenuBarTemp
GetPropA
RedrawWindow
CharUpperA
SwitchToThisWindow
GetWindowModuleFileNameA
LoadMenuA
OpenWindowStationA
ReasonCodeNeedsComment
GetUserObjectInformationA
EnumClipboardFormats
TabbedTextOutA
LoadMenuA
GetShellWindow
RegisterMessagePumpHook
OpenWindowStationA
GetMessageA
SystemParametersInfoA
UnregisterClassA
ShowWindow
RegisterRawInputDevices
DestroyIcon
GetWinStationInfo
GetKeyboardLayoutNameA
CopyIcon
SwitchDesktop
OemToCharA
GetRawInputDeviceInfoA
RegisterClassExA
IsIconic
GetWindowTextA
CharToOemBuffW
GetMessageTime
CharLowerA
SendIMEMessageExA
CharNextA
SetMenu
FillRect
GetWindowContextHelpId
TabbedTextOutA
GetMenuItemCount
LoadRemoteFonts
GetTitleBarInfo
DrawFrame
UnregisterClassA
GetSysColorBrush
GetMessageExtraInfo
PostMessageA
SetClipboardData
EnumDisplaySettingsA
EnumDisplaySettingsA
IsCharAlphaA
CreateCaret
IsIconic
ToAscii
RegisterRawInputDevices
DrawTextExA
IsClipboardFormatAvailable
LoadAcceleratorsA
EnumPropsExA
GetCapture
IsChild
OffsetRect
SetWindowStationUser
GetProgmanWindow
LoadMenuIndirectW
RegisterDeviceNotificationA
CloseDesktop
CreateCursor
IsCharUpperA
OpenDesktopA
DialogBoxParamA

Exports

Exports

Medbgjtpd
CloseVbmugoceskr
Aynowvrjvk

Sections

.idata
Size: - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 56KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

015e3023aa9dc95311fe56415d0f69bf

Headers

File Characteristics

Imports

kernel32

winmm

user32

Exports

Exports

Sections

.idata Size: - Virtual size: 300B

.itext Size: 56KB - Virtual size: 182KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 300B

.itext
Size: 56KB - Virtual size: 182KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 1KB