NEAS[.]029c7f08e40e348d88a813e6299eed60_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.029c7f08e40e348d88a813e6299eed60_JC.exe
Size

402KB
MD5

029c7f08e40e348d88a813e6299eed60
SHA1

6ed9a8f6e359ef12cd6a192056f25ab9e0038515
SHA256

7750947a1cbd9e8fe8393c45e3add8ca7c3bd346007602e564684bbd95b0fd4e
SHA512

4f0e1796ceb63d253d323b48bac0fc63b0bb2fc72785e0604f2a65a4cba8505e998ca5635674c3a34f5e4de89faba4be45942a4ccd7297138109dc27b9beed4d
SSDEEP

12288:qnWr0wbYlLQ84ZNwjFU8815RTyjYOzbbX:mwbMcBZNsFORM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.029c7f08e40e348d88a813e6299eed60_JC.exe

Files

NEAS.029c7f08e40e348d88a813e6299eed60_JC.exe
.dll windows:6 windows x86

4769011746865c391dd34725f1f71cb8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCurrentThreadId
CreateProcessA
GetLastError
FormatMessageA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead

vcruntime140

memset
longjmp
memcpy
_setjmp3
strchr
strrchr
_except_handler4_common
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

fclose
fflush
__acrt_iob_func
__stdio_common_vfprintf
fopen
setvbuf
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

strlen
strncmp
strtok_s
strncpy
strcmp
strcpy
_strdup
isdigit
strcat

api-ms-win-crt-utility-l1-1-0

abs

api-ms-win-crt-runtime-l1-1-0

abort
_initialize_onexit_table
exit
_getpid
_configure_narrow_argv
_initterm_e
_sleep
_errno
_initterm
strerror
_register_onexit_function
_initialize_narrow_environment
_seh_filter_dll
_crt_atexit
_cexit
_execute_onexit_table

api-ms-win-crt-convert-l1-1-0

strtol
atol

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-filesystem-l1-1-0

_access

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-time-l1-1-0

_time64
_localtime64
strftime

Exports

Exports

_Agent_OnLoad@12
_Agent_OnUnload@4

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 253KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4769011746865c391dd34725f1f71cb8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 253KB - Virtual size: 256KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 253KB - Virtual size: 256KB