NEAS[.]0e933c1e16d7c4336b6af2e254d1b890_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.0e933c1e16d7c4336b6af2e254d1b890_JC.exe
Size

1.8MB
MD5

0e933c1e16d7c4336b6af2e254d1b890
SHA1

f8c47fdb1e9f9336296e61d284ca733c892e8eb0
SHA256

0694d3cb7198dd2aedaafe5288e984374a4ee8100a8fc49861436ff614e9d9f3
SHA512

32f3c1daa7609afc5063f660dc876a2e38c692802a1c0b37cdc3a3cb55f7132ae9fd4008f18369b78a7a3a1d25a1b2d85fa32b88357b48b70cf476ac1a821002
SSDEEP

49152:wJSvSZhqdNhmK5RqdYVyLtabMd2kOyVLrC2Z/6IqR2D:wJDdmhk36Is2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0e933c1e16d7c4336b6af2e254d1b890_JC.exe

Files

NEAS.0e933c1e16d7c4336b6af2e254d1b890_JC.exe
.dll windows:6 windows x86

aef61fed778115ad30808fd789d6fc8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
OutputDebugStringW
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
FindAtomW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryW
FreeLibrary
GetModuleFileNameA
LoadLibraryExA
LoadLibraryA
DisableThreadLibraryCalls
GetDriveTypeA
GetCurrentProcessId
GetComputerNameA
SetLastError
GetLastError
OutputDebugStringA
DeleteCriticalSection
InitializeCriticalSectionEx
DecodePointer
GetTickCount
FindResourceA
SizeofResource
LockResource
LoadResource
FreeResource
lstrlenA
lstrcatA
lstrcpyA
lstrcpynA

user32

EnumDisplayMonitors
GetMonitorInfoA
GetSysColor
ClientToScreen
GetWindowRect
GetClientRect
GetParent
IsWindowEnabled
EnableWindow
GetPropA
GetSystemMetrics
wsprintfA
GetDesktopWindow
RemovePropA
MoveWindow
GetFocus
GetPropW
FindWindowA
SetPropA
EndPaint
BeginPaint
ReleaseDC
GetDC
SetFocus
SetWindowPos
DestroyWindow
CreateWindowExA
UnregisterClassA
RegisterClassA
DefWindowProcA
SetPropW
AdjustWindowRectEx
LoadImageA

gdi32

GetStockObject
GetClipBox
CreateSolidBrush
GetObjectA
GetDIBColorTable
CreateDIBSection
SelectObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateDCA
GetCharWidthA
CreateFontIndirectA
CreateCompatibleDC
BitBlt
PatBlt

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA

msvcp120

?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
_Inf
?_Xlength_error@std@@YAXPBD@Z

msvcr120

modf
strncpy_s
_errno
isupper
islower
isspace
isprint
toupper
tolower
_strdup
strchr
strncmp
isalpha
strtol
calloc
free
malloc
realloc
__iob_func
fflush
fprintf
fputc
vfprintf
_vsnprintf_s
_snprintf
_close
_read
?_open@@YAHPBDHH@Z
_fstat64i32
__RTtypeid
??9type_info@@QBE_NABV0@@Z
_stricmp
strncat
wcsncpy
atoi
atol
_vsnprintf
_mbsstr
isalnum
_strlwr
acos
cos
sin
memchr
atof
strpbrk
??1type_info@@UAE@XZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_except1
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
?_wopen@@YAHPB_WHH@Z
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
__clean_type_info_names_internal
mbstowcs_s
strcmp
strrchr
strstr
??_V@YAXPAX@Z
memcmp
_itoa_s
_set_invalid_parameter_handler
__CxxFrameHandler3
_CxxThrowException
clock
memmove
strlen
memset
memcpy
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
isdigit
sscanf
_HUGE
ldexp
vsprintf_s
labs
isxdigit
_strtoui64

Exports

Exports

PlugInMain

Sections

.text
Size: 847KB - Virtual size: 846KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 465KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aef61fed778115ad30808fd789d6fc8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcp120

msvcr120

Exports

Exports

Sections

.text Size: 847KB - Virtual size: 846KB

.rdata Size: 341KB - Virtual size: 341KB

.data Size: 84KB - Virtual size: 96KB

.rsrc Size: 138KB - Virtual size: 137KB

.reloc Size: 465KB - Virtual size: 468KB

.text
Size: 847KB - Virtual size: 846KB

.rdata
Size: 341KB - Virtual size: 341KB

.data
Size: 84KB - Virtual size: 96KB

.rsrc
Size: 138KB - Virtual size: 137KB

.reloc
Size: 465KB - Virtual size: 468KB