NEAS[.]0c58bde0a7099ca4a3eaf942206c7e50_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0c58bde0a7099ca4a3eaf942206c7e50_JC.exe
Size

3.5MB
MD5

0c58bde0a7099ca4a3eaf942206c7e50
SHA1

5a82c8736599f686cfbd2254f8992de080c3085b
SHA256

072f50432d0620571b6248e79be08b9206803b368c1445530be5c8403c6cd8c2
SHA512

2fb46d3787bccc02d549d9b94a9d2a86e236b7df112c62865642085bbafcc11309495ea2a489274764b0528079b722acb4afe05b03f035fa6902659a0b427961
SSDEEP

49152:SIjQTqSgattn/IjRaf8JRF60s8qVeQFbbjscy/fCy6xk5bH1jaT1Rd7O6bQ:FkgiJ/Kaf8Jo8qVeQFzy/qujetOX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0c58bde0a7099ca4a3eaf942206c7e50_JC.exe

Files

NEAS.0c58bde0a7099ca4a3eaf942206c7e50_JC.exe
.dll windows:6 windows x86

666535d8bb2d69b4daa736c279fa303f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetGetConnectedState

comctl32

InitCommonControlsEx

kernel32

ExitProcess
CreateFileW
SetStdHandle
FlushFileBuffers
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
CloseHandle
GetConsoleCP
ReadConsoleW
GetConsoleMode
LoadLibraryExW
OutputDebugStringW
SetFilePointerEx
GetTimeZoneInformation
LockResource
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
HeapSize
WriteFile
AreFileApisANSI
GetProcAddress
GetProcessHeap
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceA
GetCurrentProcessId
GetModuleFileNameA
GlobalUnlock
WideCharToMultiByte
GlobalLock
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetEnvironmentVariableA
EnterCriticalSection
SetEndOfFile
SetLastError
GetCPInfo
GetOEMCP
GetACP
GetLastError
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
EncodePointer
DecodePointer
RaiseException
GetCommandLineA
GetCurrentThreadId
GetSystemTimeAsFileTime
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
ReadFile
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage

user32

DrawTextW
EndPaint
ClientToScreen
DestroyWindow
CloseClipboard
GetClassNameA
SetTimer
ScreenToClient
GetWindowRect
TrackPopupMenu
SetCapture
GetKeyState
IsClipboardFormatAvailable
GetParent
TrackMouseEvent
SetFocus
SendMessageA
BeginPaint
EnumWindows
GetUpdateRect
GetCapture
ShowCursor
SetWindowLongA
MessageBoxA
InvalidateRect
SetCursorPos
GetAncestor
UnregisterClassA
GetWindowLongA
GetClipboardData
CreateWindowExA
PeekMessageA
DefWindowProcA
SetWindowPos
GetCursorPos
CreatePopupMenu
AppendMenuA
OpenClipboard
ReleaseCapture
SetWindowTextA
UpdateWindow
CallWindowProcA
DestroyMenu
LoadCursorA
ValidateRect
GetWindowThreadProcessId
RegisterClassA

gdi32

DeleteDC
CreateDIBSection
DeleteObject
SelectObject
CreateCompatibleDC
BitBlt
SetTextColor
SetBkColor
SetBkMode
GetStockObject
CreateFontA
GetTextMetricsA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseColorA

shell32

SHGetFolderPathA
SHGetSpecialFolderPathA
ShellExecuteA

Exports

Exports

VSTPluginMain
main

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

666535d8bb2d69b4daa736c279fa303f

Headers

DLL Characteristics

File Characteristics

Imports

wininet

comctl32

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 312KB - Virtual size: 311KB

.rdata Size: 142KB - Virtual size: 142KB

.data Size: 7KB - Virtual size: 31KB

_RDATA Size: 512B - Virtual size: 32B

.rsrc Size: 3.0MB - Virtual size: 3.0MB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 312KB - Virtual size: 311KB

.rdata
Size: 142KB - Virtual size: 142KB

.data
Size: 7KB - Virtual size: 31KB

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

.reloc
Size: 12KB - Virtual size: 12KB