NEAS[.]0005272b9ccbd4f232bafb18d0efbb20_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.0005272b9ccbd4f232bafb18d0efbb20_JC.exe
Size

116KB
MD5

0005272b9ccbd4f232bafb18d0efbb20
SHA1

2b2a832ebc7dc1aae02671f2be641e40dc106e69
SHA256

0e3f98e7dcf03a38aa25abd8c6683eac87dc4c08884d3adb7f31c6b93a23f691
SHA512

94af4a9116c33057a9402d2ca88934534285b26211693cf84195a7f794c42957e21c6759fc6d0852f05635c3517da9109a52c61321df43e1eb929317b6429f0a
SSDEEP

3072:8wueFhl8jwtoADOh30wwcEFV6SDADeak7dJHB/AdGuo:yzCoTh30wxSsQLH5Adxo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0005272b9ccbd4f232bafb18d0efbb20_JC.exe

Files

NEAS.0005272b9ccbd4f232bafb18d0efbb20_JC.exe
.exe windows:4 windows x86

164fb283064e49736654dbdb13957ef5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
LoadLibraryA
GetOEMCP
GetACP
SetFilePointer
GetStringTypeW
WriteFile
TlsGetValue
TlsAlloc
TlsSetValue
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetStdHandle
FlushFileBuffers
PulseEvent
GetSystemPowerStatus
lstrcmpiW
TerminateThread
GetSystemDirectoryW
GetCurrentThreadId
GetVersionExW
SetEvent
InitializeCriticalSection
GetModuleHandleW
CreateEventW
WaitForMultipleObjects
DeleteCriticalSection
GetUserDefaultLangID
GetLastError
GetThreadLocale
GetTickCount
LocalAlloc
lstrlenW
SetLastError
Sleep
FreeLibrary
LoadLibraryW
CreateThread
EnterCriticalSection
LeaveCriticalSection
lstrcpyW
lstrcatW
GlobalAlloc
FormatMessageW
LocalFree
GlobalFree
GetProcAddress
CreateProcessW
WaitForSingleObject
CloseHandle
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
ExitProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess

user32

OpenInputDesktop
SystemParametersInfoW
GetUserObjectInformationW
PostQuitMessage
DefWindowProcW
RegisterClassExW
CreateWindowExW
GetMessageW
DispatchMessageW
PostThreadMessageW
GetWindowThreadProcessId
FindWindowExW
GetThreadDesktop
PostMessageW
OpenDesktopW
SetThreadDesktop
CloseDesktop
OpenWindowStationW
SetProcessWindowStation
GetLastInputInfo
wsprintfW
GetDesktopWindow
ChangeDisplaySettingsExW
GetTopWindow
GetWindow
GetClassNameW
EnumDisplaySettingsW

gdi32

CreateDCW
DeleteDC
ExtEscape

advapi32

InitializeSecurityDescriptor
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
ConvertStringSidToSidW
FreeSid
RegisterServiceCtrlHandlerW
SetServiceStatus
StartServiceCtrlDispatcherW
RegSetKeySecurity
RegQueryInfoKeyW
RegEnumKeyExW
IsValidSid
RegGetKeySecurity
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetAce
GetLengthSid
InitializeAcl
AddAccessAllowedAceEx
AddAce
SetSecurityDescriptorDacl
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
OpenServiceW
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerW
CreateServiceW
CloseServiceHandle
RegOverridePredefKey
SetTokenInformation
CreateProcessAsUserW
GetTokenInformation
LookupAccountSidW

userenv

LoadUserProfileW
UnloadUserProfile

powrprof

CallNtPowerInformation

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

164fb283064e49736654dbdb13957ef5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

userenv

powrprof

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 22KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 22KB

.rsrc
Size: 44KB - Virtual size: 41KB