NEAS[.]1217bce9279ceb4639338b7273dac4f0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1217bce9279ceb4639338b7273dac4f0_JC.exe
Size

380KB
MD5

1217bce9279ceb4639338b7273dac4f0
SHA1

7945726b0ee12421bdce48225ff4a511d808009e
SHA256

0dadf64d30d77fe8ae1fbe4b5a70d0471a19fce9725a30f760ef7aa469c4be1e
SHA512

d3f784e9b4a3fe54623e3ac83ec34b620b5f61c4b33dad180672d381e46062e7fc6430091512cd59a79185fb16162cd476b033ee4c774944e5e812f6db56eea7
SSDEEP

6144:HYKJuS9Bw4nkDRtKaUv3+GPxIzuIQL0zr5Pa1iczx:HY6fo46KaUvlvXL0z61

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1217bce9279ceb4639338b7273dac4f0_JC.exe

Files

NEAS.1217bce9279ceb4639338b7273dac4f0_JC.exe
.exe windows:4 windows x86

c107ee5b2025632dfb967a02effe4fb1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
lstrcmpiA
MulDiv
GetVersion
FindClose
FindFirstFileA
Sleep
DeleteFileA
MultiByteToWideChar
GetLastError
lstrlenA
GetFileAttributesA
CloseHandle
lstrcatA
lstrcpyA
GetTickCount
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcmpA
GetExitCodeThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SleepEx
LocalAlloc
LocalFree
GlobalHandle
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WinExec
lstrcpynA
FormatMessageA
SetLastError
RaiseException
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
GetModuleHandleA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentThreadId
InterlockedDecrement
SetThreadPriority
ResumeThread
GetCurrentProcessId
WaitForSingleObject
SetEvent
SuspendThread
CreateEventA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
InterlockedIncrement
GlobalReAlloc
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
ExitProcess
RtlUnwind
TerminateProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
ExitThread
CreateThread
HeapSize
QueryPerformanceCounter
InterlockedExchange

user32

PostQuitMessage
ShowOwnedPopups
GetSysColorBrush
GetDCEx
LockWindowUpdate
SetParent
WindowFromPoint
ClientToScreen
SetRect
SetMenuItemBitmaps
ModifyMenuA
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
EndPaint
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
GetWindowPlacement
RegisterWindowMessageA
ValidateRect
GetClassNameA
SetWindowPos
WinHelpA
SetFocus
GetActiveWindow
EqualRect
SetWindowLongA
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
PeekMessageA
GetCapture
LoadAcceleratorsA
SetActiveWindow
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
ShowWindow
GetWindowLongA
GetDesktopWindow
GetWindow
IsWindowEnabled
UnregisterClassA
GetMenuState
GetMenuItemID
GetMenuItemCount
CreateDialogIndirectParamA
MessageBeep
ReleaseCapture
SetCapture
InflateRect
SetCursor
ShowScrollBar
GetParent
KillTimer
SetTimer
ReleaseDC
GetDC
GetSysColor
TranslateAcceleratorA
GetDlgItem
MessageBoxA
wsprintfA
GetCursorPos
LoadImageA
GetSystemMetrics
PostMessageA
LoadMenuA
AppendMenuA
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
EndDialog
GetMenuItemInfoA
GetMessageA
GetScrollInfo
TranslateMessage
SystemParametersInfoA
LoadIconA
RegisterClassA
LoadCursorA
SendMessageA
EnableWindow
GetForegroundWindow
IsWindowVisible
InvalidateRect
UpdateWindow
GetClientRect
GetWindowRect
IsZoomed
SetMenu
GetMenu
DestroyMenu
GetNextDlgTabItem
RemoveMenu
GetSubMenu
EnableMenuItem
PtInRect
IsWindow
FillRect
GetFocus

gdi32

CreateHalftonePalette
GetPaletteEntries
CombineRgn
SetRectRgn
GetTextMetricsA
CreateSolidBrush
CreatePen
SelectPalette
GetStockObject
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
GetPixel
CreateRectRgn
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
ExtTextOutA
GetBkColor
CreateBitmap
PatBlt
CreateRectRgnIndirect
SetBkColor
SetTextColor
GetClipBox
CreateFontA
GetCharWidthA
CreateCompatibleBitmap
GetDeviceCaps
GetTextExtentPoint32A
CreateFontIndirectA
GetViewportOrgEx
SetStretchBltMode
StretchDIBits
DeleteObject
GetObjectA
GetDIBColorTable
DeleteDC
BitBlt
RealizePalette
SelectObject
CreateCompatibleDC
CreatePalette

comdlg32

GetSaveFileNameA
GetOpenFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

shell32

DragQueryFileA
DragFinish
ShellExecuteA

comctl32

ImageList_GetImageInfo
ord17
ImageList_Destroy
ImageList_Draw

winmm

waveInUnprepareHeader
waveOutWrite
PlaySoundA
waveOutPause
waveOutRestart
waveInStart
waveOutReset
waveInStop
waveOutClose
waveInClose
waveOutOpen
sndPlaySoundA
waveInOpen
waveOutUnprepareHeader
waveOutGetPosition
timeKillEvent
timeSetEvent
timeGetTime
mixerGetNumDevs
mixerOpen
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetDevCapsA
mixerGetLineInfoA
mixerClose
waveInPrepareHeader
waveInGetPosition
waveOutPrepareHeader

avifil32

AVIStreamTimeToSample
AVIFileExit
AVIStreamFindSample
AVIStreamGetFrameClose
AVIStreamRead
AVIStreamRelease
AVIFileRelease
AVIStreamStart
AVIStreamGetFrame
AVIStreamReadFormat
AVIStreamInfoA
AVIStreamLength
AVIStreamSampleToTime
AVIFileGetStream
AVIFileInfoA
AVIFileOpenA
AVIStreamGetFrameOpen
AVIFileInit

msvfw32

ICClose
ICOpen

Sections

.text
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c107ee5b2025632dfb967a02effe4fb1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

winmm

avifil32

msvfw32

Sections

.text Size: 220KB - Virtual size: 218KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 88KB - Virtual size: 84KB

.text
Size: 220KB - Virtual size: 218KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 88KB - Virtual size: 84KB