NEAS[.]190c99cdc76f9f712dfe938d9f8c24e0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.190c99cdc76f9f712dfe938d9f8c24e0_JC.exe
Size

1.0MB
MD5

190c99cdc76f9f712dfe938d9f8c24e0
SHA1

cd06eca735ffbccf8c00195c217a0a2601275435
SHA256

154d480afc85ebc7a0d14e979b5f95624b514f53868bc7416615c1d82d5051e3
SHA512

0a2232d892e1924a01e349ab0738de17d9264329a4a5d923df9ddfb38c65fbab2b650b0f8cdea2d4d7c72a2042925566eb848af880fe996bca055c15db366966
SSDEEP

24576:XeQaIb8j4Uafj/gP+YEJAXN/iTESxcgqIu:uQfbhfjvKXN/eES4Iu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.190c99cdc76f9f712dfe938d9f8c24e0_JC.exe

Files

NEAS.190c99cdc76f9f712dfe938d9f8c24e0_JC.exe
.dll windows:4 windows x86

332a94291d03c13bde8fd984a1bb11af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetErrorMode
RaiseException
GlobalFlags
InterlockedIncrement
HeapFree
HeapAlloc
ExitProcess
RtlUnwind
ExitThread
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetModuleFileNameA
TlsFree
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
LoadLibraryW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiW
InterlockedDecrement
GetLastError
SetLastError
MulDiv
lstrcpyW
GlobalAlloc
FormatMessageW
LocalFree
lstrcpynW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
lstrlenW
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
TryEnterCriticalSection
GetThreadContext
IsDebuggerPresent
OpenProcess
VirtualProtectEx
GetLocalTime
VirtualQueryEx
CreateToolhelp32Snapshot
Module32FirstW
FreeLibrary
Module32NextW
GetModuleFileNameW
CreateEventW
ResetEvent
CreateThread
GetCurrentProcessId
GetProcAddress
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ReadFile
CreateFileA
DeviceIoControl
CreateFileW
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
CloseHandle
WideCharToMultiByte
Beep
MultiByteToWideChar
ResumeThread
LeaveCriticalSection
EnterCriticalSection
SuspendThread
InitializeCriticalSection
WaitForSingleObject
TerminateThread
FindFirstFileW
FindNextFileW
FindClose
FindResourceW
LoadResource
SizeofResource
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
LockResource
WriteProcessMemory
GetModuleHandleW
SetEvent
GetTickCount
ReadProcessMemory
Sleep
GetCurrentProcess
UnhandledExceptionFilter
TerminateProcess
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

ValidateRect
PostQuitMessage
DestroyMenu
CharUpperW
EndPaint
BeginPaint
GrayStringW
DrawTextExW
TabbedTextOutW
wsprintfW
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
MoveWindow
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
GetClassLongW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
UpdateWindow
GetMenu
PostMessageW
GetSubMenu
GetMenuItemCount
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
SetWindowPos
SystemParametersInfoA
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
DrawFocusRect
WindowFromPoint
ClientToScreen
OffsetRect
DrawStateW
KillTimer
InvalidateRect
CopyRect
UnionRect
SetRectEmpty
GetSysColor
SetWindowTextA
MessageBoxA
SendMessageA
LoadCursorW
SetWindowsHookExW
SendInput
SetWindowRgn
RegisterHotKey
UnregisterHotKey
SetWindowLongW
RemovePropW
GetWindowDC
TrackMouseEvent
CallWindowProcW
FillRect
SetPropW
DrawTextW
EnumWindows
LoadMenuW
LoadBitmapW
PtInRect
GetTopWindow
GetWindow
IsWindowVisible
ShowWindow
CallNextHookEx
GetDesktopWindow
MessageBoxW
GetClassNameA
GetWindowThreadProcessId
SetTimer
GetWindowRect
GetMenuStringW
AppendMenuW
CreatePopupMenu
GetParent
GetWindowTextW
GetClassInfoExW
RegisterClassExW
GetWindowLongW
GetWindowPlacement
CreateWindowExW
DestroyWindow
ReleaseDC
GetSysColorBrush
GetMessageW
GetMenuItemID
TranslateMessage
GetDC
ExitWindowsEx
GetPropW
GetKeyState
UnregisterClassW
LoadImageW
GetDlgItem
SetWindowTextW
GetSystemMetrics
IsWindow
LoadIconW
GetFocus
GetClientRect
IsIconic
DrawIcon
InflateRect
SetRect
SetCursor
GetClassNameW
GetCursorPos
EnumChildWindows
EnableWindow
ScreenToClient
SendMessageW
MessageBoxA

gdi32

SetMapMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
MoveToEx
CreatePen
Ellipse
Polygon
GetTextColor
GetBkColor
GetDeviceCaps
ExtTextOutW
SetStretchBltMode
CreateCompatibleDC
SelectObject
StretchBlt
DeleteDC
GetStockObject
Rectangle
RoundRect
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
CombineRgn
CreateEllipticRgnIndirect
CreateRectRgnIndirect
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
LineTo

comdlg32

GetOpenFileNameW
GetFileTitleW
GetSaveFileNameW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
AdjustTokenPrivileges
RegSetValueExW

comctl32

ImageList_Draw
_TrackMouseEvent
ord17
ImageList_Destroy

shlwapi

PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathFindFileNameW

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantChangeType
VariantInit

ws2_32

htons
connect
WSAIoctl
inet_addr
closesocket
recv
send
shutdown
setsockopt
socket

winmm

PlaySoundW

iphlpapi

GetAdaptersInfo

Exports

Exports

�K2��Ϙ4M.,�V��Z��i��4-�%�+�0# �"�� '7V@&��H��\�l�_��QA��y�M&��}'=z��f��%�IAO*ʯ%e��:��A�F>�7e��RI��痃�WBń�$�E^��Y��izOԢ�G��_ӷ� �A��w��G�ry��y�q�-�� 뜎B9�q�?�->m�IЮ:��GZ˸�'��\zۈ�>�Q��B/��?K�k�0.�.�Og�T�1��E�'��:�b�F�� Lϯ��0A9�}��PR�wt�H��y��8�W��1�e��+JaMɳ:T ekVc�CI{��ŭ��H��oh��M��[%�bE�)5�ɧc�Ԁ��a#��.T��K�'T@�ky4Vi��znbl��A'j�q�ɂK#a`O��!$�ErOg�-�t� rt��O��֛�_-V�#��6��8~��6��5 S'�^wVj��p7��*��jC�*E}5�Q]q�ڔ�\"�,�H��j̮�P��w��suv{!�콿h:̜�T�s��Gu��ru�,Q�Q-��D�+M��"e��;� D��\%�6��2+HH�ڢ�c�c0L��NuV�$=�dC��ٛ^�Pdd��B��ћn��S@��G��G��c�l��a�1�7� ��~t�?<v�5X�pď(�݀ I��Bvh"ʚ��ضq�"�صl&��D�;�R�'q��xk6��!(n%� �hx2�a��*��(j3 �윚9S��^�@��R:��X7 ^ �2#�� 6F z��ԛ�z"�,�ҙ�ɤ$��4��U��:B38�L�e��Z��4��ԨU��P�� ;��{KxE�B��n�va��B�L�h��3�qa��w��݋,cu;�ڶ�bp�~\��ʩK�&�%�v��T�&alO5�b�o�ԓ5��ݬ�q�*��o��>l�,�e�4�@�h�8��3A��u��2_��ٻ/]��Vfix9!��Y�� J{V ;�P��7f��.PdG�c9��j�X-��\�l.JBf��2��_@��.�u�s��3~w ��L�v�2s��kn1C&�Y�9�^��Z��>C��9��'�yi��+�?��S�ָ�w��Cw9�ΰ�0f6��{�ûf��c/�'��[A��a3�T3e��^�%��VQ�7�[`�R�m�&z �%/?�>�a��J$_��;I@�9�I��U�2��N�ԉ�ƚc �R5��Q��?a,�}�q�wO��{Y�~"�-�s��E��ɑbX} �q�$��(�Z%��9r��uh��5�o�i^ƃ{{�L&��R�0�Y?��XO��0*B�.�)��9q��of�X�� 5��KI!�yU��?��Ŭܹb��-�L�;,��7M��4�h_�|�w��~��s=��2@��Sj��j�A6��K��U?'�V�.b��6�$ϭ3�Ei��2��p�� 6F�q�f+.�k��(�OY��J`$�s'��og�3��V%�5r��] ��paGP�[ �v�W��B y��[I|�W�T=]�T��K7(i�^��q��Sy��#jfobEP� b�e}�6�R��`\��Go�,��.zg`��IuboCC�ܖ�.h�w�%w(�ސv�%��?΄]�b�LQC�/��Ǔ�媺$�MpJ��"-�yH��lк@F�� G�`9\q!�t�G�!��#�兴�~�w�6��5�*��_'�\��|ڹ��c��E��j�ad�:�a��,p��$��M͉6 d"��P��jV��=c��q|��}q�ⰰ3�e.�!��"<�J��8R��[��h�NT�C甈��(�^.��'��n��5�i�6쁠�T�ϸ:��9$��q�� $�`�r�R��)��"��j�*�}fO��Ms�g:F��K��d�A6p3�Q��-��a�+�EE?}�o��=;��.|��kS2G(̈⇓�/�&8�1��ܰ��R�ܿ'�^Ekӧ��U��s�n�5�]��S��1��/3�ã~j�t�p��krb�3ēPe��2yx�X�35�6��*Z3� �RL�Ǫ��_V��-9.&�E#�َ��}��z4��p��;_BA@/R�Yٱ� �h� S�8�!3|�c�~x�9ߴ�d\��+�_�͍�dx�'�p��(��n�+�OEְD�~搢�nV%y]�-_�Ok��,w�AA��~�;0q��:@��EMݶY�2CQ��!<��I�:�UA��Cʈ�4�tL ��(V��d>t%��{��lN��K,��`�� T��/,R�r�7WaȐU1�Om� m��jFL�yT �X��t�� (��P��V��l��t5r�S`Е�s�c� ��܂��~h��)ٿ�q"Z��/T8w�a��x'`�<w�a��I;y��%2��q�-lC^X6�0D��-�� ~O��cN�W�R}�Z��ldVt�E1j��n[ߡF�Sy��㻊\� ��#`�f�h��lr%��+�?�.wM�nS̡m��"�Hy�_��)q��ԑ��gZ�n��E��{��}��إpZ��P�O��/)�>��,��1�!��(��$��y��`�uۺbM�j�D�"h��R��Q�QxCˀ��,h�Y�^j@8i��d�7ԯ#�?L�\��^��ŷ ��Z�7rE7^TQ��o�7^ (�b��~?�>`�L�>;��a/�Q.��:'��l <�q۷�� >g�v�3��h��&�\ c� ��3?Y�5qޘ��s �� eS�}$V�*=� �70C=V:e��

Sections

.text
Size: 416KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text0
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

332a94291d03c13bde8fd984a1bb11af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

ws2_32

winmm

iphlpapi

Exports

Exports

Sections

.text Size: 416KB - Virtual size: 413KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 20KB - Virtual size: 42KB

.rsrc Size: 120KB - Virtual size: 116KB

.text0 Size: 56KB - Virtual size: 54KB

.text1 Size: 260KB - Virtual size: 259KB

.tls Size: 4KB - Virtual size: 24B

.text2 Size: 44KB - Virtual size: 43KB

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 416KB - Virtual size: 413KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 20KB - Virtual size: 42KB

.rsrc
Size: 120KB - Virtual size: 116KB

.text0
Size: 56KB - Virtual size: 54KB

.text1
Size: 260KB - Virtual size: 259KB

.tls
Size: 4KB - Virtual size: 24B

.text2
Size: 44KB - Virtual size: 43KB

.reloc
Size: 36KB - Virtual size: 35KB