NEAS[.]1098b2b1eabf3b8a359f389893dce6c0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1098b2b1eabf3b8a359f389893dce6c0_JC.exe
Size

355KB
MD5

1098b2b1eabf3b8a359f389893dce6c0
SHA1

e9c828cc197b64bf9987aa5776ac9c8a50da49b4
SHA256

6b0a1a9bc459b561c469293bf270c6d1cbd3acb14240462f9fcd6d79e6684aba
SHA512

046c485711333ec2f47816b157db127b45ab6727ca3e18a14ec10add0e4bf4f943854cf01497bc3a84f32efc4410d5862ced17715f07dc50152161c2fd2d6dc2
SSDEEP

6144:B/iffN6o62MSYbE/9LyyQXFONjxAQ7z/YYPvLvcdrLJ0jQ:JiHYoxMnQ/kywYpxV7z/Y4irEQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1098b2b1eabf3b8a359f389893dce6c0_JC.exe

Files

NEAS.1098b2b1eabf3b8a359f389893dce6c0_JC.exe
.dll windows:6 windows x86

e8fde26bd778f8b61c378e64a770e253

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SwitchToThread
GetCurrentThreadId
CloseHandle
QueryPerformanceCounter
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetSystemTimeAsFileTime
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
GetProcAddress
SetCurrentDirectoryA
GetCurrentDirectoryA
EnterCriticalSection
LeaveCriticalSection
Sleep
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetModuleHandleW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
InitializeSListHead

vcruntime140

__std_type_info_destroy_list
__RTDynamicCast
_except_handler4_common
__current_exception_context
memset
memmove
memcpy
_purecall
__std_terminate
__CxxFrameHandler3
_CxxThrowException
__current_exception

api-ms-win-crt-string-l1-1-0

strlen
strtok_s
strcmp

api-ms-win-crt-convert-l1-1-0

_ui64toa_s
_itow_s
_ltow_s
_ultow_s
_i64toa_s
_i64tow_s
_ui64tow_s
_ultoa_s
_itoa_s
_ltoa_s

api-ms-win-crt-filesystem-l1-1-0

_makepath_s
_splitpath_s

api-ms-win-crt-stdio-l1-1-0

ftell
__stdio_common_vfwprintf_s
fread
fopen
__acrt_iob_func
fflush
ferror
feof
fwrite
gets_s
__stdio_common_vfprintf_s
__stdio_common_vsnprintf_s
fseek
fclose
__stdio_common_vsprintf_s

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
terminate
_errno
_invalid_parameter_noinfo
_cexit
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

_except1
log

api-ms-win-crt-heap-l1-1-0

free
malloc

Exports

Exports

BIBGetGetProcAddress
BIBGetVersion
BIBInitialize
BIBInitialize2
BIBInitialize3
BIBInitialize4
BIBLockSmithAssertNoLocksImpl
BIBLockSmithDeleteImpl
BIBLockSmithLockImpl
BIBLockSmithUnlockImpl
BIBTerminate

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8fde26bd778f8b61c378e64a770e253

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 244KB - Virtual size: 244KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 244KB - Virtual size: 244KB