NEAS[.]096ae2800b9c62d6f942a568573889a0_JC[.]exe

General

Target

NEAS.096ae2800b9c62d6f942a568573889a0_JC.exe
Size

44KB
MD5

096ae2800b9c62d6f942a568573889a0
SHA1

63036208f08f633fdd02a7d83b82a6c51febc574
SHA256

f2030eb61025cb0a1c077c9d4033867f3ea73e7e2b23eaee4efbd4fb760d3062
SHA512

233411a30926a2d846177c6a31e60172c95321ef06dd95fe7244cfa764ea6c5eab65e3fc52a9b678da3ec7a0a2774c291817c321f33e901d45a03f4178b4812c
SSDEEP

768:QWkQPAyHj+fPXZmCih/iB9kQzFv7O/FSoW:tk0AwjyvIvcFjOMo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.096ae2800b9c62d6f942a568573889a0_JC.exe

Files

NEAS.096ae2800b9c62d6f942a568573889a0_JC.exe
.exe windows:0 windows x86

0044a06ff18a177e422d8066fcc6b883

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

kernel32

RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
lstrlenA
lstrcpyA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
GetProcAddress
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LCMapStringW

user32

DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

DeleteObject
GetTextExtentPoint32A
BeginPath
TextOutA
EndPath
StrokePath
GetStockObject
SaveDC
SetGraphicsMode
ModifyWorldTransform
SetViewportOrgEx
SetWindowOrgEx
GetDeviceCaps
DPtoLP
CreateFontIndirectA
SelectObject
GetTextMetricsA
RestoreDC

Sections

_text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

_rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0044a06ff18a177e422d8066fcc6b883

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

_text Size: 24KB - Virtual size: 24KB

_rdata Size: 4KB - Virtual size: 4KB

_data Size: 12KB - Virtual size: 12KB

_text
Size: 24KB - Virtual size: 24KB

_rdata
Size: 4KB - Virtual size: 4KB

_data
Size: 12KB - Virtual size: 12KB