NEAS[.]0000e44c897d1c31b29cea60e75942d6_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0000e44c897d1c31b29cea60e75942d6_JC.exe
Size

172KB
MD5

0000e44c897d1c31b29cea60e75942d6
SHA1

d6f9c7a357bc34b2982a148e016c9e5beecaa387
SHA256

c10f7e8bfecbf2148e0040a6c7a258d15064cc5fe7cca2193a89e48e88de5a9e
SHA512

db3c269f68ff0ad6bb363c738b93517f1bbcc790488b6fb748bf3ff48bf8e6868d6111e2468338e24e012776a558bfa116b403093aed6fcebeb50965942a84c0
SSDEEP

3072:ctMJPaqeSu9+FLot8fzLi6OaU/EmwVan5rUXz:NifxsFiWLUj5AX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0000e44c897d1c31b29cea60e75942d6_JC.exe

Files

NEAS.0000e44c897d1c31b29cea60e75942d6_JC.exe
.exe windows:4 windows x86

da6f2d7e8d707d7dfc78e7491d59ea1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostThreadMessageA
DispatchMessageA
GetMessageA
LoadStringA
MessageBoxA
CharNextA

ole32

CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoInitialize
OleRun

oleaut32

GetErrorInfo
LoadRegTypeLi
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocString
VariantClear
VariantCopy
SystemTimeToVariantTime
SysFreeString
VariantInit

atl

ord16
ord30
ord58
ord32
ord25
ord57
ord18
ord17
ord20
ord23

kernel32

LocalFree
GetStartupInfoA
WideCharToMultiByte
SetStdHandle
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
LocalAlloc
FreeLibrary
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetSystemTime
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
CloseHandle
WaitForSingleObject
CreateEventA
ResumeThread
SetThreadPriority
CreateThread
GetCurrentThreadId
lstrcmpiA
GetCommandLineA
lstrlenA
GetVersionExA
GetModuleFileNameA
GetLastError
GetCurrentProcess
GetCurrentThread
lstrlenW
MultiByteToWideChar
IsBadReadPtr
IsBadCodePtr
RtlUnwind
HeapFree
HeapAlloc
GetModuleHandleA
InterlockedExchange
GetVersion
ExitProcess
RaiseException
TerminateProcess
HeapReAlloc
HeapSize
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetProcAddress
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
SetUnhandledExceptionFilter

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

w�A�
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da6f2d7e8d707d7dfc78e7491d59ea1f

Headers

File Characteristics

Imports

user32

ole32

oleaut32

atl

kernel32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 8KB - Virtual size: 5KB

w�A� Size: 84KB - Virtual size: 84KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 8KB - Virtual size: 5KB

w�A�
Size: 84KB - Virtual size: 84KB