NEAS[.]0509e7283a35c7f9af6807dc62a94ea0_JC[.]exe

General

Target

NEAS.0509e7283a35c7f9af6807dc62a94ea0_JC.exe
Size

60KB
MD5

0509e7283a35c7f9af6807dc62a94ea0
SHA1

f9a2b7e11f0350cfb341f3b6682a3c8fcacf9760
SHA256

52206f099e57102464aaf148f842c4af728051d9a252c4acbf0aa21b46ab9863
SHA512

854177e1145c6cf8989be153e5588ed48560b43ef966fdfd59ff8cc05ac2700f494c28052f5264a9024d8ee30f38bfacf7bbcc10e1945f28f5d15e9379627fe5
SSDEEP

768:qRdf3v91ynFDsX7FIhEORx1i7i0wyYKcPh3pim:q/vv9qNsXyli7iRwc9H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0509e7283a35c7f9af6807dc62a94ea0_JC.exe

Files

NEAS.0509e7283a35c7f9af6807dc62a94ea0_JC.exe
.exe windows:4 windows x86

16d60488ef589fe83363b41588ab65ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetProcAddress
HeapFree
LoadLibraryA
GetModuleHandleA
GetProcessHeap
CopyFileA
DeleteFileA
SetFilePointer
SetFileAttributesA
WriteFile
ReadFile
GetCurrentDirectoryA
LeaveCriticalSection
GetFileSize
GetStartupInfoA
CreateDirectoryA
GetFileAttributesA
CloseHandle
CreateFileA
FreeLibrary
DeleteCriticalSection
EnterCriticalSection
HeapAlloc
HeapReAlloc
InitializeCriticalSection

msvcrt

_controlfp
_except_handler3
_onexit
__dllonexit
__p__commode
__set_app_type
__p__fmode
_initterm
_adjust_fdiv
__setusermatherr
_XcptFilter
__getmainargs
_acmdln
_exit
vsprintf
_rmdir
strlen
sprintf
strchr
_purecall
strcpy
free
time
exit
strstr
__p___argv
_itoa
__CxxFrameHandler
??2@YAPAXI@Z
strcat
strcmp
memset
memmove
realloc
strncmp
memcpy
malloc
strncpy

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16d60488ef589fe83363b41588ab65ae

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB