NEAS[.]090b2d902ac40eabe59f01be72af3556_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.090b2d902ac40eabe59f01be72af3556_JC.exe
Size

84KB
MD5

090b2d902ac40eabe59f01be72af3556
SHA1

ce6cc187e635c7b4c08e01b25c1c64139fe5fdc4
SHA256

9e8779ea3a1d68af7e4fe3913d7f45f80c5c70f214b5032fca779e265c5beec3
SHA512

3274f08026c38d0320803108bf47079b5af209e32a8e9cc8c1e70cc851ddb7e4fd5d1cea01d10b5916da16089f186f474c6ff9353f48b586a776897d14c7b24d
SSDEEP

1536:VJy2Va7qzlxwU+kRmM5WgtZ5n4LRlTgF6WVcq/WSp+LPTpYXu4jbB4su9xs9:Vk7qzUU+m5bZ5mRlTg/jn+7TpYXuSms9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.090b2d902ac40eabe59f01be72af3556_JC.exe

Files

NEAS.090b2d902ac40eabe59f01be72af3556_JC.exe
.exe windows:5 windows x86

955002d2f76d66c4fe069b7a88d7582a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

exit
calloc
_initterm
_except_handler3
_iob
__getmainargs
realloc
getenv
_errno
free
_stricmp
_acmdln
__p__commode
sqrt
_adjust_fdiv
_cexit
__set_app_type
__setusermatherr
_exit
__p__fmode
fread
strncpy

kernel32

GetCommandLineW
SetFileTime
VirtualQuery
GetACP
GetShortPathNameA
GetSystemTimeAsFileTime
ReadFile
GetSystemDirectoryW
GetStartupInfoA
GetModuleHandleW
SetCurrentDirectoryA
GetStringTypeA
FreeLibrary
GetThreadLocale
WriteFile

advapi32

InitializeSecurityDescriptor
RegQueryValueExW
RegOpenKeyW
RegQueryInfoKeyA
RegCreateKeyExW
OpenThreadToken
CryptAcquireContextA
CryptHashData
CloseServiceHandle
RegEnumValueA
RegOpenKeyA
OpenProcessToken
RevertToSelf

comctl32

InitCommonControlsEx
ImageList_Destroy
ImageList_Draw
ImageList_SetDragCursorImage
ImageList_Add
PropertySheetA
ImageList_AddMasked
ImageList_GetIconSize
ImageList_Create
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_SetIconSize
CreateStatusWindowA
InitializeFlatSB
CreatePropertySheetPageW
ImageList_DrawEx
CreatePropertySheetPageA
ImageList_Replace

user32

SetActiveWindow
GetMessagePos
CheckMenuItem
InsertMenuA
LoadCursorA
TranslateMessage

gdi32

SelectObject
GetTextFaceA
GetEnhMetaFileBits
OffsetViewportOrgEx
GetDIBits
AbortDoc
PtVisible
StretchBlt
UnrealizeObject
SetBkMode
GetEnhMetaFileDescriptionA
MoveToEx

ole32

OleSetClipboard
CoReleaseMarshalData
CoGetInterfaceAndReleaseStream
CoSetProxyBlanket
OleInitialize
CreateBindCtx
StgOpenStorage
StgCreateDocfileOnILockBytes

oleaut32

SafeArrayPutElement
LoadTypeLib
VariantClear
SysFreeString
SafeArrayUnaccessData
SysAllocStringLen

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

955002d2f76d66c4fe069b7a88d7582a

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

comctl32

user32

gdi32

ole32

oleaut32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 58KB - Virtual size: 58KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 58KB - Virtual size: 58KB

.rsrc
Size: 3KB - Virtual size: 2KB