76b87e79fa92d9f285ac1ac0787745d0_NEAS

Sharing

Copy URL

Twitter E-mail

General

Target

76b87e79fa92d9f285ac1ac0787745d0_NEAS
Size

248KB
MD5

76b87e79fa92d9f285ac1ac0787745d0
SHA1

f26dbd4fc88a7db4d586e5fa1db92b0ce04cee83
SHA256

ce04d42a7e3d3b2c98376d4f45bfce40badad5da997de3e5ba7f2169cc09f171
SHA512

69f6462c03dabf31151492d948a1a94beb5d5dfcbd2fcb98d6cb52803b869fce895bed4ce5717cd942d646df8e493bc83a2e8c16ac366b99aa1961180005ed84
SSDEEP

3072:xRBoPCSct0deLXNx2dzq61d85tT4QHMtZ7AHiqUWDvjdS027fS4KxXuGIZohTI7C:x440deLXNxGZ1dutMQsAJy7fKb47Y3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76b87e79fa92d9f285ac1ac0787745d0_NEAS

Files

76b87e79fa92d9f285ac1ac0787745d0_NEAS
.exe windows:4 windows x86 arch:x86

4575be3b6e1e6ba78d58805fb5668d8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
RaiseException
TerminateProcess
HeapSize
GetACP
HeapFree
HeapReAlloc
UnhandledExceptionFilter
GetStartupInfoA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
ExitProcess
HeapDestroy
GetCommandLineA
GetTimeZoneInformation
FreeEnvironmentStringsA
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
DeleteCriticalSection
GetFileType
InitializeCriticalSection
IsBadCodePtr
SetStdHandle
CompareStringA
SetEnvironmentVariableA
RtlUnwind
FormatMessageA
GetTickCount
GetOEMCP
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentDirectoryA
GetCPInfo
GetProcessVersion
SetErrorMode
SizeofResource
GlobalFlags
WideCharToMultiByte
InterlockedIncrement
GetFileSize
SystemTimeToFileTime
LocalFileTimeToFileTime
LocalReAlloc
InterlockedDecrement
TlsGetValue
TlsFree
TlsSetValue
GlobalReAlloc
LocalAlloc
TlsAlloc
LocalFree
HeapCreate
VirtualFree
EnterCriticalSection
MoveFileA
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
LeaveCriticalSection
GetStringTypeW
MulDiv
GetProfileStringA
SetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
GetFileAttributesA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalFindAtomA
GetModuleHandleA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAddAtomA
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
LockResource
FindResourceA
LoadResource
GetModuleFileNameA
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
lstrlenA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
DeleteFileA
IsBadReadPtr
VirtualAlloc
CompareStringW
GlobalFree

user32

DestroyIcon
SetRect
GetNextDlgGroupItem
MessageBeep
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
InsertMenuA
PtInRect
GetClassNameA
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
DestroyMenu
GetDesktopWindow
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
LoadIconA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
GetTopWindow
CharNextA
CopyAcceleratorTableA
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
CallWindowProcA
RemovePropA
GetMessageTime
DeleteMenu
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
MapDialogRect
GetWindow
SetWindowContextHelpId
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetMessageA
GetSysColorBrush
LoadCursorA
GetMenuStringA
GetCapture
IsChild
GetMessagePos
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
SetCursor
ShowOwnedPopups
PostMessageA
PostQuitMessage
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
GetSystemMetrics
CharUpperA
wsprintfA
InvalidateRect
FillRect
EnableWindow
UpdateWindow
GetPropA
UnhookWindowsHookEx
EndDeferWindowPos
DrawFocusRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode

gdi32

DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
IntersectClipRect
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
SetViewportOrgEx
SetMapMode
OffsetViewportOrgEx
GetStockObject
SetBkMode
RestoreDC
SaveDC
SelectObject
DeleteDC
GetObjectA
SetTextColor
GetClipBox
SetBkColor
CreateBitmap
StretchDIBits

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
GetFileSecurityA
RegSetValueExA
RegDeleteValueA
SetFileSecurityA
RegCreateKeyA
RegSetValueA

shell32

ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc

olepro32

ord253

oleaut32

SysFreeString
SysStringLen
SysAllocStringByteLen
VariantChangeType
SysAllocString
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4575be3b6e1e6ba78d58805fb5668d8a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 20KB - Virtual size: 17KB