NEAS[.]8654493fcae20c06cbfa02d8e810f881_JC[.]exe

General

Target

NEAS.8654493fcae20c06cbfa02d8e810f881_JC.exe
Size

35KB
MD5

8654493fcae20c06cbfa02d8e810f881
SHA1

bb73527be84d3faab221b5a1b894a15e95a6fcca
SHA256

1c23fe1af4c386e1c9155029818917f7a60a8d55b4959ecb1a1bcd14736320d4
SHA512

32c1776d3ee0dd3f5be259d3808d5527de5289c557972d30bcc38bd66f7f6e3dba37b47b4839643632d4181e124f9ffccbe0aa06a9740d8ec9b2aac596e3962d
SSDEEP

768:cLVpe+RIyVPIwYe7A0IW9+6IwYe7aYFdXDpY:kVg2IyVPPYe7AM46PYe7aYFxpY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8654493fcae20c06cbfa02d8e810f881_JC.exe

Files

NEAS.8654493fcae20c06cbfa02d8e810f881_JC.exe
.exe windows:4 windows x86

5454eaf264e4265dcda6c61e7288dd0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW
CompareStringW
GetModuleHandleW
GetFullPathNameW
GetStringTypeW
lstrcpynW
GetCurrentProcess
lstrcmpA
GetProcAddress
TlsGetValue
OpenMutexA
GetPrivateProfileSectionA
WaitForSingleObjectEx
FoldStringW
WriteConsoleA
GetPrivateProfileSectionA
HeapAlloc
FileTimeToSystemTime
InterlockedDecrement
CopyFileW
DeviceIoControl
ReplaceFileA
FindNextVolumeW
QueryDosDeviceA
GetSystemTime
SetEnvironmentVariableA
GetLocalTime
GetDiskFreeSpaceA
SearchPathA
IsValidCodePage
GetShortPathNameA
GetTickCount
GetVolumePathNameA
GetPrivateProfileSectionA
SetErrorMode
GetProcessHeap
FindFirstVolumeW

cryptdll

MD5Final
MD5Init
CDLocateRng
CDBuildVect
MD5Update

user32

GetClassInfoA
CharToOemA
GetMessageW
EnumDesktopsA
GetCaretPos
IsDialogMessageA
wsprintfA
DispatchMessageA
SetFocus
PostMessageW
DrawIcon
DrawTextA
LoadCursorA
CreateDesktopA
DialogBoxParamW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5454eaf264e4265dcda6c61e7288dd0a

Headers

File Characteristics

Imports

kernel32

cryptdll

user32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 10KB