NEAS[.]0294472ff3505d3901b2a1130dca5450_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0294472ff3505d3901b2a1130dca5450_JC.exe
Size

6.1MB
MD5

0294472ff3505d3901b2a1130dca5450
SHA1

ab789788cb96df87d93e3b1a9e357ea7158a076b
SHA256

10d30c81b072bb897bf0a9b31471294f7b9f3d869b5c62f7be52b39c7908239a
SHA512

2a3a63abb31dd3e3c26835e3567b67a5a0365af93043da323aa129cec377f506efa9cd4d8fa1d05570a1a341f63d7c3c991fe07d39faa08b6cef926b68090196
SSDEEP

98304:1dA8td6TIQgw7leCpuTHkfryCsJk+g55caIcXsUmYljsof/IJhbKPYamr3ldu:1ttUxgCgCpuTrCsJKjIYsgllfsBgAd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0294472ff3505d3901b2a1130dca5450_JC.exe

Files

NEAS.0294472ff3505d3901b2a1130dca5450_JC.exe
.dll windows:6 windows x86

4f67a4a6c83f9468b305370baff31940

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExW
HeapCreate
GetStartupInfoW
GlobalUnlock
SetLastError
CreateFileMappingA
GetExitCodeThread
WinExec
FindFirstFileW
GetModuleFileNameW
LeaveCriticalSection
SetEndOfFile
CreateFileW
ReadConsoleW
WriteConsoleW
OutputDebugStringW
SetStdHandle
LoadLibraryExW
GetSystemTimeAdjustment
GetLocaleInfoW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteFile
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
CloseHandle
GetFileType
GetStdHandle
HeapSize
AreFileApisANSI
IsValidLocale
SetCommTimeouts
ClearCommBreak
GetSystemTimeAsFileTime
WaitForSingleObjectEx
WaitForSingleObject
GetSystemDefaultUILanguage
VirtualQuery
ExitProcess
ExpandEnvironmentStringsW
CreateEventW
IsDBCSLeadByteEx
GetPrivateProfileIntW
CreateProcessA
GetACP
SizeofResource
InitializeSListHead
GetCommandLineA
SetCommState
CreateDirectoryW
GetModuleHandleExW
GetProcessHeap
IsDebuggerPresent
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
HeapReAlloc
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetProcAddress
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesW

user32

SetRect
DrawStateW
SendDlgItemMessageA
IsIconic
UnionRect
ScrollWindow
EndPaint
ClientToScreen
SetWindowRgn
GetSubMenu
GetWindowInfo
DestroyCaret
GetSysColorBrush
BeginDeferWindowPos
GetWindowRect
TrackPopupMenu
MessageBeep
ShowCaret
SetDlgItemInt
MessageBoxA
GetDlgItem
CheckRadioButton
SystemParametersInfoA
ReleaseCapture
LoadCursorA
TranslateMDISysAccel
GetClassNameW

gdi32

GetObjectW
CreatePatternBrush
GetClipBox
CreatePolygonRgn
GetWindowOrgEx
ExtFloodFill
DeleteObject
PtInRegion
IntersectClipRect
CreateFontA
SetBkColor
SetPixel
GetCurrentPositionEx
CreateCompatibleDC

comdlg32

GetSaveFileNameW

advapi32

RegQueryInfoKeyW
RegOpenKeyExA
RegSetValueExW
LookupPrivilegeValueW

oleaut32

SafeArrayGetUBound
VariantInit
SafeArrayCreate

Sections

.text
Size: 480KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f67a4a6c83f9468b305370baff31940

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

oleaut32

Sections

.text Size: 480KB - Virtual size: 480KB

.data Size: 5.6MB - Virtual size: 5.6MB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 480KB - Virtual size: 480KB

.data
Size: 5.6MB - Virtual size: 5.6MB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 12KB - Virtual size: 11KB