NEAS[.]090dd1ffb9434e1519696c3d1dab6a60_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.090dd1ffb9434e1519696c3d1dab6a60_JC.exe
Size

36KB
MD5

090dd1ffb9434e1519696c3d1dab6a60
SHA1

beedaf73b77aa3ae722179162fa2645a33e0e6f1
SHA256

25f584c0b8256a1972b5079dc8c02d244d5dc99274c3c800bc856a4d3b0fe9d1
SHA512

514c85d7b9a8f927528649e3c35c06ae95aae824bdfbb65f9d1f160469d0b960cb0f7f3c5e589420d5b715c10412cb297e6d50068aaa98554c82b0beb28d8d83
SSDEEP

768:SI2wnqP3vjFVw8KxFl2cgE56Mc90uL2pqEDQ5Q6nIZdnrkG2Q3:SI2AxFl2/E5Pc90uLstDDbnrkG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.090dd1ffb9434e1519696c3d1dab6a60_JC.exe

Files

NEAS.090dd1ffb9434e1519696c3d1dab6a60_JC.exe
.dll windows:1 windows x86

c055c2223f3fdfa66fdd9dcfae753325

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
lstrcpynA
lstrlenA
GetCurrentThreadId
TlsSetValue
GetModuleHandleA
WideCharToMultiByte
GetEnvironmentStrings
GetCommandLineA
GetVersion
GetProcAddress
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
VirtualFree
lstrcpyA
GetLastError
GetOEMCP
MultiByteToWideChar
TlsAlloc
TlsFree
TlsGetValue
GetModuleFileNameA
GetACP
GetCPInfo
GetStdHandle
GetFileType
GetStartupInfoA
WriteFile

user32

wsprintfA
CharUpperBuffA
LoadStringA

Exports

Exports

ByteToText
EventNumber
ExchGetID
ExchGetOrganization
ExchGetPath
ExchGetSite
ExtractString
UFEndJob
UFErrorRecovery
UFGetFunctionDefStrings
UFGetFunctionExamples
UFGetFunctionTemplates
UFGetVersion
UFInitialize
UFStartJob
UFTerminate

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c055c2223f3fdfa66fdd9dcfae753325

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.bss Size: - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 92B

.data Size: 8KB - Virtual size: 7KB

.idata Size: 1024B - Virtual size: 964B

.edata Size: 512B - Virtual size: 446B

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 21KB

.bss
Size: - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 92B

.data
Size: 8KB - Virtual size: 7KB

.idata
Size: 1024B - Virtual size: 964B

.edata
Size: 512B - Virtual size: 446B

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB