7af49d12ef9debf76c06862e781aa030_NEAS

Sharing

Copy URL Twitter E-mail

General

Target

7af49d12ef9debf76c06862e781aa030_NEAS
Size

252KB
MD5

7af49d12ef9debf76c06862e781aa030
SHA1

7fdbe4ea9440b161512f1b877a9c927053b14c8d
SHA256

1ebda075fd2cd6327d1173708cdad14a2505475a0bb80fd054d28a720f86001e
SHA512

1c6ab33ef2e3688ceacbef8d64b35e533175e3986e8e4abdc21d630e58e9cbfd376a0037935cd010cafa0569b9b9fbc8ab613477a8302678c0decde51984380e
SSDEEP

3072:v9l9LyFSQLvmBVG1LtzXyVnnHpIgFlWW8Bifo3i8Fwn7P05wDKHK:vJlQL0VG1LtzXunHCA8iPKHK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7af49d12ef9debf76c06862e781aa030_NEAS

Files

7af49d12ef9debf76c06862e781aa030_NEAS
.exe windows:4 windows x86 arch:x86

97e48517fbf180f4cf4286b2b247a579

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
OpenProcess
GetUserDefaultLCID
Sleep
ReadFile
FreeResource
LockResource
LoadResource
FindResourceA
GetTickCount
CreateThread
MulDiv
GlobalFlags
_lclose
_hread
_llseek
_lopen
SetLastError
GetUserDefaultLangID
GetModuleFileNameA
CreateProcessA
LocalAlloc
WaitForSingleObject
MultiByteToWideChar
LocalFree
lstrcatA
CreateFileA
DeviceIoControl
CloseHandle
lstrcmpA
lstrcpyA
WideCharToMultiByte
SizeofResource
GetVersionExA
EnterCriticalSection
WriteFile
VirtualFree
InitializeCriticalSection
HeapDestroy
GetEnvironmentVariableA
HeapCreate
GetFileType
GetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsAlloc
HeapSize
HeapAlloc
HeapFree
GetCurrentProcess
TerminateProcess
HeapReAlloc
GetVersion
GetCommandLineA
ExitProcess
GetModuleHandleA
RtlUnwind
GetStartupInfoA
GlobalFree
GlobalUnlock
lstrlenA
GlobalAlloc
GetLastError
GlobalLock
FreeLibrary
GetProcAddress
lstrcmpiA
IsDBCSLeadByte
LeaveCriticalSection
LoadLibraryA
IsBadWritePtr
GetComputerNameA
VirtualAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
InterlockedIncrement
GetOEMCP
LCMapStringA
InterlockedDecrement
LCMapStringW

user32

PostQuitMessage
CharNextA
GetSystemMetrics
IsCharAlphaA
IsCharAlphaNumericA
CharPrevA
MessageBoxA
wsprintfA
LoadCursorA
LoadIconA
DefWindowProcA
RegisterWindowMessageA
DestroyWindow
LoadStringA
SendMessageA
GetParent
KillTimer
SetWindowLongA
GetClientRect
SetTimer
ClientToScreen
EnableWindow
InvalidateRect
SetFocus
SetDlgItemTextA
UpdateWindow
IsIconic
GetClassInfoExA
GetWindowTextLengthA
GetWindowTextA
GetMessageA
RegisterClassExA
SetCursor
EndDialog
TranslateMessage
DispatchMessageA
DestroyIcon
CreateDialogIndirectParamA
DialogBoxIndirectParamA
DrawIcon
EndPaint
IntersectRect
CreateWindowExA
BeginPaint
LoadBitmapA
SetWindowTextA
ShowWindow
ScreenToClient
ReleaseDC
GetDlgItem
GetWindowRect
SetWindowPos
GetWindow
PeekMessageA
PostMessageA
GetDC
GetWindowLongA

gdi32

RealizePalette
CreateCompatibleDC
GetDeviceCaps
DeleteObject
CreateDIBitmap
SelectPalette
CreatePalette
GetTextExtentPointA
BitBlt
SelectObject
FillRgn
CombineRgn
CreateRectRgn
GetObjectA
GetStockObject

winspool.drv

SetPrinterA
GetPrinterA
GetPrinterDriverA
GetPrinterDataA
DeletePrinterConnectionA
DeletePrinter
AddPrinterA
ClosePrinter
OpenPrinterA
GetPrinterDriverDirectoryA
EnumPortsA
EnumPrintersA

advapi32

RegEnumKeyExA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97e48517fbf180f4cf4286b2b247a579

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 128KB - Virtual size: 125KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 128KB - Virtual size: 125KB