NEAS[.]067ecee2ecd9328b539aa87d37b53a90_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.067ecee2ecd9328b539aa87d37b53a90_JC.exe
Size

96KB
MD5

067ecee2ecd9328b539aa87d37b53a90
SHA1

a078ae51452c81f33eead30e955c0294a854e555
SHA256

02639ae6c60ad0478ed2845b91bd82a3d782ee693da866b7b1818c7fe6368e8c
SHA512

73bdb75a555ac7bc083e47c067b0eb79eeef413a1b4eb6f9d6ffdef1d205679557344e017c555a6b8500d6b61ea28569ddb68925cb796c1acab2095a6c280dd7
SSDEEP

1536:vpYkxGVprOQAyx2vBSiDa1x7Af0pdGunTViW30JMdDpIrUGeVZ0yjF0m81M:xYkmplAyx2ZcNIsGuD3Bb0luzFaC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.067ecee2ecd9328b539aa87d37b53a90_JC.exe

Files

NEAS.067ecee2ecd9328b539aa87d37b53a90_JC.exe
.exe windows:5 windows x86

b1db02e403456c873356fbc1345efafd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA

msvcrt

exit
__p__fmode
atan
strlen
_exit
fputc
strcmp
strstr
_initterm
_XcptFilter
calloc
_acmdln
_except_handler3
free
__getmainargs
__set_app_type
_write
__p__commode
fwrite
__setusermatherr
_adjust_fdiv
strncpy
printf

kernel32

InterlockedCompareExchange
LCMapStringW
GetStringTypeExA
GetFileTime
IsBadCodePtr
GetStartupInfoA
VirtualFree
IsDBCSLeadByte
LocalFileTimeToFileTime

advapi32

RegSetValueExW
RegEnumValueW
OpenSCManagerA
RegDeleteKeyW
RegEnumKeyA
CopySid
AdjustTokenPrivileges

shell32

SHAppBarMessage
SHBrowseForFolderW
SHCreateDirectoryExW
DragFinish
DragAcceptFiles
SHGetDesktopFolder
ShellExecuteEx
DragQueryFileW
SHGetSpecialFolderPathA

comctl32

ImageList_SetIconSize
ImageList_GetImageCount
ImageList_GetIcon
ImageList_Remove
ImageList_Replace

gdi32

SetViewportExtEx
SetPixel
GetEnhMetaFileHeader
SetTextAlign
SelectClipPath
SetRectRgn
GetNearestPaletteIndex
LineDDA

user32

GetMenuStringA
GetClassInfoA
OemToCharA
InsertMenuA
GetLastActivePopup

ole32

OleUninitialize
PropVariantClear
IsAccelerator
CoGetInterfaceAndReleaseStream

oleaut32

LoadTypeLib
SafeArrayUnaccessData
GetErrorInfo

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1db02e403456c873356fbc1345efafd

Headers

File Characteristics

Imports

comdlg32

msvcrt

kernel32

advapi32

shell32

comctl32

gdi32

user32

ole32

oleaut32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 64KB

.rsrc Size: 26KB - Virtual size: 92KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 64KB

.rsrc
Size: 26KB - Virtual size: 92KB