Static task: static1
Behavioral task: behavioral1
Sample: e3bc193054cf7c6e4abb529f1d6204b0_NEAS.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: e3bc193054cf7c6e4abb529f1d6204b0_NEAS.exe
Resource: win10v2004-20240426-en
General
Target: e3bc193054cf7c6e4abb529f1d6204b0_NEAS
Size: 880KB
MD5: e3bc193054cf7c6e4abb529f1d6204b0
SHA1: 20a50a5ad37db6e61c51dbd6ce8a8bac64e00baf
SHA256: 0dc4177b6c0d7067eddca368e9027f70541ec511fb511b90400b0c2d541a1219
SHA512: 8ed9d9d70fecfc65994bce74be6cd51e26d4c0cc4489fe46a7e15084c1b3012114478f672fc27f39e92c0f49b7e6d0ba0bc3493ce6f3161126c6907137bea693
SSDEEP: 12288:6rR4SiwCYG/W2MpCH916SVPkk1kQ09WsRb0cxskntuPQMQvOWEDTnb63AEXcX+JN:6N41dYGtiQ0gDkUPQDOlDVi9Bga+u/
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource e3bc193054cf7c6e4abb529f1d6204b0_NEAS
Files
e3bc193054cf7c6e4abb529f1d6204b0_NEAS.exe windows:4 windows x86 arch:x86
d12ec379a2c0e9e6e93e8eefd69536de
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
netapi32
Netbios
kernel32
GetStartupInfoA
GetCommandLineA
RaiseException
ExitProcess
TerminateProcess
GetACP
HeapReAlloc
HeapSize
GetStringTypeA
GetStringTypeW
FatalAppExitA
LCMapStringA
LCMapStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
HeapAlloc
CreateThread
ExitThread
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
HeapFree
GetTimeZoneInformation
RtlUnwind
SetFileTime
TlsAlloc
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetStringTypeExA
GetFullPathNameA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
SetErrorMode
GetThreadLocale
GetCurrentDirectoryA
CopyFileA
GlobalSize
GetOEMCP
GetCPInfo
SizeofResource
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
HeapCreate
GlobalFlags
WritePrivateProfileStringA
SetProcessShutdownParameters
GetSystemTime
SetUnhandledExceptionFilter
GetCurrentThread
GetCurrentProcessId
GetPrivateProfileStringA
lstrlenA
MultiByteToWideChar
ReleaseMutex
OpenMutexA
CreateMutexA
WaitForMultipleObjects
SetThreadPriority
ResetEvent
PulseEvent
SetEvent
WaitForSingleObject
OpenEventA
CreateEventA
IsDBCSLeadByte
Sleep
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetWindowsDirectoryA
GetVolumeInformationA
SetFileAttributesA
GetFileAttributesA
FreeLibrary
LoadLibraryA
GetVersionExA
GetLocalTime
GetPrivateProfileIntA
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
WideCharToMultiByte
EnterCriticalSection
GetLastError
LeaveCriticalSection
GetProfileStringA
GetProcessVersion
FormatMessageA
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
GetVersion
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LockResource
FindResourceA
LoadResource
SuspendThread
TerminateThread
GetLongPathNameW
GetLongPathNameA
MoveFileExA
FindFirstFileA
lstrcmpA
RemoveDirectoryA
FindNextFileA
FindClose
GetEnvironmentVariableA
GetTempFileNameA
GetExitCodeProcess
GetShortPathNameA
GetModuleFileNameW
GetShortPathNameW
GetSystemDirectoryA
CreateFileMappingA
GlobalAlloc
GlobalHandle
lstrcatA
lstrcpyA
ResumeThread
GetTickCount
SetLastError
LocalAlloc
LocalFree
DeleteFileA
WriteFile
CreateFileW
CreateDirectoryA
SetFileAttributesW
CreateProcessA
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
UnmapViewOfFile
OpenFileMappingA
InterlockedExchange
MapViewOfFile
GlobalFree
GlobalLock
GlobalUnlock
GetUserDefaultLCID
HeapDestroy
SetEnvironmentVariableA
user32
GetDialogBaseUnits
SetMenu
LoadMenuA
DestroyMenu
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
LoadStringA
wvsprintfA
OemToCharA
CharToOemA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
UnpackDDElParam
ReuseDDElParam
GetLastActivePopup
SetWindowLongA
SetWindowPos
IntersectRect
IsIconic
GetWindowPlacement
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
GetKeyState
ValidateRect
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
GetFocus
GetNextDlgTabItem
GetForegroundWindow
GetWindowThreadProcessId
CopyAcceleratorTableA
BringWindowToTop
SetFocus
SendMessageTimeoutA
SetRect
GetClassNameA
PostThreadMessageA
GetMessageA
MsgWaitForMultipleObjects
EnableMenuItem
LoadBitmapA
GetDesktopWindow
GetSystemMenu
DeleteMenu
GetWindowTextLengthA
GetWindowTextA
EnumChildWindows
MessageBoxA
CreatePopupMenu
AppendMenuA
SetMenuDefaultItem
wsprintfA
TranslateAcceleratorA
RegisterWindowMessageA
LoadAcceleratorsA
CharNextA
DispatchMessageA
FindWindowA
PeekMessageA
TranslateMessage
SetForegroundWindow
ScreenToClient
UpdateWindow
GetWindow
IsWindowVisible
GetWindowRgn
SetCursor
GetWindowLongA
FrameRect
FillRect
DrawStateA
InsertMenuA
GetMenuStringA
RemoveMenu
CharUpperA
MessageBeep
GetNextDlgGroupItem
GetMessagePos
GetMessageTime
AttachThreadInput
DrawFocusRect
GetActiveWindow
GetParent
WindowFromPoint
DestroyCursor
CallNextHookEx
InflateRect
EqualRect
PtInRect
UnhookWindowsHookEx
SetWindowsHookExA
ReleaseCapture
LoadCursorA
GetSysColorBrush
RegisterClassExA
SetWindowRgn
RedrawWindow
SetRectEmpty
DrawFrameControl
OffsetRect
IsRectEmpty
MonitorFromPoint
GetMonitorInfoA
CopyRect
ClientToScreen
GetCursorPos
GetCapture
SetCapture
InvalidateRect
GetDC
ReleaseDC
DrawIconEx
GetIconInfo
GetSysColor
SystemParametersInfoA
LoadImageA
EnableWindow
GetClientRect
GetSystemMetrics
GetWindowRect
GetDlgItem
LoadIconA
SendMessageA
SetTimer
DestroyIcon
KillTimer
PostMessageA
GetMenuCheckMarkDimensions
SetScrollPos
HideCaret
ShowCaret
UnregisterClassA
DefDlgProcA
IsWindowUnicode
ExcludeUpdateRgn
gdi32
GetTextExtentPointA
GetObjectA
DeleteObject
CreateDIBitmap
ExcludeClipRect
GetStockObject
FrameRgn
MoveToEx
LineTo
OffsetClipRgn
CreateCompatibleDC
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
CreateRectRgnIndirect
GetMapMode
SetRectRgn
DPtoLP
ScaleWindowExtEx
GetTextExtentPoint32A
GetTextMetricsA
CopyMetaFileA
CreateDCA
GetTextColor
GetBkColor
LPtoDP
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectClipRgn
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
StartDocA
DeleteDC
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
GetPixel
GetCurrentObject
BitBlt
SelectObject
CreatePolygonRgn
CreateRoundRectRgn
CreateRectRgn
CombineRgn
EqualRgn
CreateSolidBrush
OffsetRgn
SetTextAlign
SetMapMode
CreateCompatibleBitmap
StretchBlt
CreateFontIndirectA
IntersectClipRect
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
StartServiceA
LookupPrivilegeValueA
RegCloseKey
RegCreateKeyA
RegEnumKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
OpenProcessToken
OpenThreadToken
AdjustTokenPrivileges
RegOpenKeyA
GetUserNameA
ChangeServiceConfigA
UnlockServiceDatabase
OpenServiceA
QueryServiceLockStatusA
CloseServiceHandle
LockServiceDatabase
OpenSCManagerA
QueryServiceStatus
RegQueryValueA
ControlService
CreateServiceA
DeleteService
QueryServiceConfigA
RegSetValueA
shell32
ExtractIconA
DragQueryFileA
DragFinish
DragAcceptFiles
Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetFileInfoA
SHGetMalloc
comctl32
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_Write
ImageList_Read
ImageList_AddMasked
ImageList_Add
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Draw
ImageList_LoadImageA
ImageList_Merge
ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
CoDisconnectObject
CoTreatAsClass
OleSetClipboard
StringFromGUID2
CoRegisterClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
OleUninitialize
CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemAlloc
CreateBindCtx
WriteClassStg
SetConvertStg
WriteFmtUserTypeStg
ReadClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReleaseStgMedium
StringFromCLSID
CoGetClassObject
CreateStreamOnHGlobal
CoRevokeClassObject
OleFlushClipboard
OleRun
OleIsCurrentClipboard
CoCreateInstance
CoUninitialize
CoInitialize
olepro32
ord253
oleaut32
SysReAllocStringLen
LoadTypeLi
SysStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
VariantTimeToSystemTime
SafeArrayLock
SafeArrayAllocDescriptor
SafeArrayAllocData
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
VariantChangeType
SafeArrayPtrOfIndex
SysAllocStringByteLen
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetVartype
SysAllocString
SafeArrayCopy
SysAllocStringLen
SafeArrayPutElement
SafeArrayGetElement
SysFreeString
SafeArrayDestroy
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VariantClear
VariantCopy
ws2_32
ntohs
gethostbyaddr
getservbyport
getservbyname
inet_addr
htons
WSAGetLastError
WSASetLastError
gethostbyname
WSAStartup
htonl
WSACleanup
inet_ntoa
ntohl
Sections
.text Size: 620KB - Virtual size: 617KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 100KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ