NEAS[.]04f97157108db7cab1926a46ae4b3b50_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.04f97157108db7cab1926a46ae4b3b50_JC.exe
Size

114KB
MD5

04f97157108db7cab1926a46ae4b3b50
SHA1

cd7931ddc5c47c07fad94b5e3802ef722fb34f00
SHA256

b75b18c5072aa0766c05d5cf7f14b883b25f610b1b249d2949a2884e29dd4813
SHA512

f31d51ed6a5e91df77eafa130c5d9d4752635c3d79a7733f94f41105bd7c95c7fdf4258bf6d452d6de35606de6af385d3301bb807e2f11614c873dd604efa8b6
SSDEEP

1536:AwRABU6LQy0c2U5I/6TB2qcg+R0Tnt/zcmAHcvxDvrMgZ9:AwRABU7c2UTBcIBzcf8pDTM89

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.04f97157108db7cab1926a46ae4b3b50_JC.exe

Files

NEAS.04f97157108db7cab1926a46ae4b3b50_JC.exe
.exe windows:4 windows x86

547b980d5be24fc57991ad935a9561ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
GetTickCount
WinExec
CloseHandle
ReleaseMutex
OpenMutexA
lstrlenA
lstrcpynA
WaitForSingleObject
SetFilePointer
WriteFile
CreateFileA
GetCurrentProcess
EndUpdateResourceA
UpdateResourceA
GlobalFree
ReadFile
GlobalAlloc
GetFileAttributesA
GetModuleHandleA
GetLastError
GetWindowsDirectoryA
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
TerminateProcess
CreateProcessA
GetCurrentThread
SetThreadPriority
CreateThread
LoadLibraryA
GetProcAddress
LockResource
Sleep
GetStartupInfoA
RtlUnwind

user32

GetDesktopWindow

advapi32

StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteExA
ShellExecuteA

ws2_32

htonl
WSAStartup
WSACleanup
select
__WSAFDIsSet
setsockopt
socket
connect
send
htons
recv
inet_addr
sendto
closesocket
inet_ntoa

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

msvcrt

localtime
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
free
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
realloc
malloc
strlen
__CxxFrameHandler
_CxxThrowException
atoi
strncpy
strcspn
memset
strstr
strcpy
sprintf
memcpy
strcmp
time
exit
strcat
strncmp
_except_handler3
??3@YAXPAX@Z
??2@YAPAXI@Z
_XcptFilter

Sections

.data
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

547b980d5be24fc57991ad935a9561ff

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

shlwapi

iphlpapi

msvcrt

Sections

.data Size: 31KB - Virtual size: 32KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 76KB - Virtual size: 76KB

.reloc Size: 2KB - Virtual size: 2KB

.data
Size: 31KB - Virtual size: 32KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 76KB - Virtual size: 76KB

.reloc
Size: 2KB - Virtual size: 2KB