Static task
static1
Behavioral task
behavioral1
Sample
bb5c4ac10436c7ea30ecc9bf592f4920_NEAS.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
bb5c4ac10436c7ea30ecc9bf592f4920_NEAS.exe
Resource
win10v2004-20240419-en
General
Target
bb5c4ac10436c7ea30ecc9bf592f4920_NEAS
Size
804KB
MD5
bb5c4ac10436c7ea30ecc9bf592f4920
SHA1
ebfdc9c89c75f0b373ad12d3c869fa0879413602
SHA256
7f1013da1776156b27d8f3e92f2d19c312f780da00bc8513cb07e057950fbde9
SHA512
fe6380622edc5484ce8f9417cd6c56122969908a6786167721fe05de33b7a98eb62c83b2945eed8828d4340e00588471ba74226f59d9cf3bc2834f8cb1fdb650
SSDEEP
12288:hGeqVjCyD966/JD18wSGTCNzXj9Jb8hniDysn/yttPX2lOlz:UeZG/lutzj9Jb8hn8x/yttPGlCz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bb5c4ac10436c7ea30ecc9bf592f4920_NEAS
Files
bb5c4ac10436c7ea30ecc9bf592f4920_NEAS.exe windows:4 windows x86 arch:x86
2df7de81d8cd73377b8127322bcef27f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shfolder
SHGetFolderPathA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
winmm
waveOutGetDevCapsA
waveOutGetNumDevs
msvfw32
ICInfo
ICOpen
ICClose
ICGetInfo
msacm32
acmDriverDetailsA
acmDriverEnum
kernel32
GetFullPathNameA
GetThreadLocale
GlobalFlags
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
ExitProcess
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
TerminateProcess
CreateThread
ExitThread
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetVolumeInformationA
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
InterlockedExchange
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
GetProcAddress
LoadLibraryA
DeviceIoControl
GetDriveTypeA
CreateFileA
GetLogicalDrives
FreeLibrary
CloseHandle
WaitForSingleObject
ResetEvent
CreateEventA
GetLastError
QueryDosDeviceA
GetModuleHandleA
lstrcmpiA
GetCurrentProcessId
InterlockedIncrement
InterlockedDecrement
GetVersion
CreateProcessA
Sleep
SetConsoleTitleA
AllocConsole
FreeConsole
ReadFile
DuplicateHandle
GetCurrentProcess
CreatePipe
GlobalMemoryStatus
GetCommandLineA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
MulDiv
WritePrivateProfileStringA
GetPrivateProfileStringA
VirtualProtect
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalAlloc
lstrcmpA
GetCurrentThread
ReleaseMutex
WideCharToMultiByte
GetLocaleInfoA
lstrcpynA
GetModuleFileNameA
MultiByteToWideChar
LockResource
LoadResource
CreateMutexA
FindNextFileA
FindFirstFileA
SetLastError
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GlobalLock
GlobalUnlock
GlobalFree
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileSize
IsBadWritePtr
GetTickCount
LocalAlloc
LocalFree
lstrcatA
lstrlenA
WinExec
lstrcpyA
FormatMessageA
SizeofResource
GetSystemDefaultLangID
FindResourceA
GetFileType
user32
CharUpperA
WindowFromPoint
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
BeginPaint
GetWindowDC
ClientToScreen
SetWindowContextHelpId
MapDialogRect
GetAsyncKeyState
TranslateMessage
ValidateRect
GetCursorPos
PostQuitMessage
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
SetFocus
AdjustWindowRectEx
DestroyMenu
IsWindowVisible
GetClassInfoA
RegisterClassA
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowPos
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetWindowLongA
GetClassNameA
MessageBoxA
WinHelpA
GetKeyState
PostMessageA
IsChild
CopyIcon
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
EndPaint
GetTopWindow
GetParent
IsWindow
PtInRect
MessageBeep
DestroyCursor
SystemParametersInfoA
SetRect
AdjustWindowRect
OffsetRect
LoadStringA
GetMenuItemCount
GetMenuStringA
GetMenuItemID
ModifyMenuA
GetSubMenu
GetSysColorBrush
CopyRect
LoadBitmapA
GetWindow
GetMenu
IsMenu
GetCapture
ClipCursor
SetCapture
GetMessageA
DispatchMessageA
ReleaseCapture
SetWindowLongA
LoadCursorA
EnableWindow
wsprintfA
GetSystemMetrics
SendMessageA
ShowWindow
FindWindowA
LockWindowUpdate
GetDesktopWindow
LoadIconA
GetWindowRect
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
IsIconic
InvalidateRect
GetSysColor
RedrawWindow
UpdateWindow
SetCursor
RemoveMenu
InflateRect
TabbedTextOutA
DrawTextA
GrayStringA
RegisterWindowMessageA
DrawEdge
GetFocus
ReleaseDC
FillRect
GetDC
ScreenToClient
gdi32
CreateCompatibleDC
CreateCompatibleBitmap
PtVisible
RectVisible
ExtTextOutA
Escape
CreateRectRgn
DeleteDC
SetTextColor
SetBkColor
GetTextFaceA
GetClipBox
CreateBitmap
PatBlt
CreateRectRgnIndirect
SaveDC
RestoreDC
SetBkMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
BitBlt
GetViewportExtEx
GetWindowExtEx
CreatePen
CreatePatternBrush
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
GetTextColor
LPtoDP
GetBkColor
GetCurrentObject
GetDeviceCaps
SetMapMode
StartDocA
CreateFontA
SetTextAlign
EndPage
StartPage
GetTextExtentPoint32A
SelectObject
MoveToEx
LineTo
TextOutA
EndDoc
DeleteObject
CreateSolidBrush
GetStockObject
GetTextExtentPointA
GetObjectA
CreateDIBitmap
CreateFontIndirectA
comdlg32
GetOpenFileNameA
GetFileTitleA
PrintDlgA
GetSaveFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
shell32
ShellExecuteA
comctl32
ImageList_DrawIndirect
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Remove
ord17
ImageList_GetImageInfo
ImageList_GetBkColor
ImageList_SetBkColor
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoInitializeEx
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
StringFromIID
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
StgOpenStorageOnILockBytes
olepro32
ord253
oleaut32
VariantClear
VariantInit
SysFreeString
SysAllocStringLen
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysStringLen
SysAllocStringByteLen
Sections
.text Size: 456KB - Virtual size: 453KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 136KB - Virtual size: 156KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE