269d0221b3417bce0debd4498f1c85a0_NEAS

Sharing

Copy URL Twitter E-mail

General

Target

269d0221b3417bce0debd4498f1c85a0_NEAS
Size

2.5MB
MD5

269d0221b3417bce0debd4498f1c85a0
SHA1

cd3a83624e8c9550524d9f560cf5bf455a0e3a8f
SHA256

34aa104e4c9bfaf3665ffcb25a74cf157cd7384656431141e5e4fd57266770d5
SHA512

b174e19f4151b0440340423bb564c18756a6cefb708312df739ad12f357160ba168020a9cb3b4b2c853e995c9569a90049c07e96c5b1002b65f237ac8ac64b7e
SSDEEP

49152:2Lpy9VfwHC/fnoEYN/uVjJVv01zdw8/q9/8Pyio0Mato:ypKwpEYh0VMP/iCfMao

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
269d0221b3417bce0debd4498f1c85a0_NEAS

Files

269d0221b3417bce0debd4498f1c85a0_NEAS
.dll windows:5 windows x86 arch:x86

7de9ca76bb11974dd0659b170270b8a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

OffsetClipRgn
GetTextCharset
BeginPath
CreateRoundRectRgn
GetWindowOrgEx

user32

DrawIcon
GetWindowRgn
GetMessageA
SetMenuItemBitmaps
CheckMenuItem
GetWindow
IsWinEventHookInstalled

oleaut32

GetErrorInfo
SafeArrayAllocDescriptorEx

ws2_32

WSAGetLastError

advapi32

RegQueryInfoKeyA
LookupPrivilegeNameW

kernel32

GetBinaryTypeW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
CloseHandle
GetProcessShutdownParameters
ConvertDefaultLocale
ChangeTimerQueueTimer
SetConsoleCP
UnlockFileEx
DeleteCriticalSection
SetStdHandle
GetModuleFileNameW
LoadLibraryExW
GetTimeFormatA
VerSetConditionMask

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.code
Size: 320KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lq8zSJD
Size: 308KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hm299*2
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

=Womat6
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7de9ca76bb11974dd0659b170270b8a1

Headers

File Characteristics

Imports

gdi32

user32

oleaut32

ws2_32

advapi32

kernel32

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 4KB - Virtual size: 2KB

.code Size: 320KB - Virtual size: 321KB

lq8zSJD Size: 308KB - Virtual size: 305KB

hm299*2 Size: 1.3MB - Virtual size: 1.3MB

=Womat6 Size: 164KB - Virtual size: 161KB

.crt0 Size: 180KB - Virtual size: 177KB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 40KB - Virtual size: 38KB

DATA Size: 56KB - Virtual size: 53KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 4KB - Virtual size: 2KB

.code
Size: 320KB - Virtual size: 321KB

lq8zSJD
Size: 308KB - Virtual size: 305KB

hm299*2
Size: 1.3MB - Virtual size: 1.3MB

=Womat6
Size: 164KB - Virtual size: 161KB

.crt0
Size: 180KB - Virtual size: 177KB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 40KB - Virtual size: 38KB

DATA
Size: 56KB - Virtual size: 53KB