NEAS[.]0272eb4ed5f835e3ea6ff2fcf4e0ee30_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0272eb4ed5f835e3ea6ff2fcf4e0ee30_JC.exe
Size

416KB
MD5

0272eb4ed5f835e3ea6ff2fcf4e0ee30
SHA1

98de986fbe47ce47a42dfa21811ef35370b91d9a
SHA256

d3be39aa630fb7596969d9fa65826667a0e8b8d73c724f28c71127647457ce34
SHA512

4926ec1b3ec0d78442ea498f85cdf37e2a820b6fb04b9829b5d9780bfcd2590e8f2811ebf2624645fac1e1efe3ac4ebc224ef07bef7fe5b8672f24f878aaed7d
SSDEEP

12288:za6FVUDFUizp1fyuuhpJub97+mxcVTXRfd:pUb1fyuu0B7+T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0272eb4ed5f835e3ea6ff2fcf4e0ee30_JC.exe

Files

NEAS.0272eb4ed5f835e3ea6ff2fcf4e0ee30_JC.exe
.exe windows:4 windows x86

dc79540d7f7773d6aab7d40d48c36bb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
GetModuleHandleA
FindClose
GetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
lstrcpynA
_hwrite
GetProcAddress
CopyFileA
_llseek
FreeLibrary
LoadLibraryA
GetModuleFileNameA
lstrcmpA
CreateProcessA
WaitForSingleObject
GetUserDefaultLCID
SizeofResource
GetTempPathA
GetTempFileNameA
CreateFileA
WriteFile
CloseHandle
DeleteFileA
VerLanguageNameA
FindFirstFileA
FindNextFileA
WritePrivateProfileStringA
GetWindowsDirectoryA
GetVersion
lstrcmpiA
GetTickCount
Sleep
GetPrivateProfileStringA
lstrlenA
FindResourceA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
VirtualFree
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
SetErrorMode
GetCommandLineA
GetStartupInfoA
ExitProcess
GetDriveTypeA
GlobalFree
WinExec
lstrcpyA
lstrcatA
CompareStringA
GlobalUnlock
SetEnvironmentVariableA
LCMapStringA
CompareStringW
RaiseException
_hread
LCMapStringW
GlobalLock
_lclose
_lread
GetFileSize
FreeResource
GlobalAlloc
LockResource
LoadResource

user32

FillRect
EndDialog
DialogBoxParamA
BeginPaint
EndPaint
KillTimer
SetTimer
SetDlgItemTextA
GetSystemMetrics
MoveWindow
GetDlgItem
SetWindowPos
RegisterWindowMessageA
GetWindowRect
GetClientRect
PostMessageA
CreateDialogParamA
GetDC
ReleaseDC
FindWindowA
SendMessageA
RegisterClassA
CreateWindowExA
IsWindow
LoadStringA
DestroyWindow
GetMessageA
TranslateMessage
DispatchMessageA
SendDlgItemMessageA
GetWindowLongA
CharLowerBuffA
ShowCaret
SetWindowLongA
GetClassInfoA
GetKeyState
LoadCursorA
DestroyCursor
IsRectEmpty
LoadBitmapA
SetFocus
IntersectRect
SubtractRect
EqualRect
ReleaseCapture
CopyRect
UnionRect
SetCapture
SetCursor
DefWindowProcA
GetSysColor
SetWindowTextA
LoadIconA
WaitForInputIdle
SetClassLongA
InflateRect
PtInRect
DrawTextA
DestroyCaret
CharPrevA
CharNextA
PeekMessageA
IsCharAlphaNumericA
IsCharAlphaA
GetCursorPos
SetCursorPos
DrawFocusRect
ClientToScreen
UpdateWindow
EnumChildWindows
IsIconic
IsWindowVisible
ShowWindow
SetCaretPos
CreateCaret
SetCaretBlinkTime
PostQuitMessage
wsprintfA
CharUpperBuffA
DestroyMenu
AppendMenuA
ScreenToClient
InvalidateRect
GetDesktopWindow
ValidateRect
WindowFromPoint
GetScrollPos
MsgWaitForMultipleObjects
GetParent
CharLowerA
EnableWindow
GetDlgItemTextA
GetFocus
IsDlgButtonChecked
CheckRadioButton
GetWindowTextA
GetScrollRange
GetSystemMenu
MessageBoxA
CreatePopupMenu
SetRect
ShowScrollBar
UnregisterClassA
TrackPopupMenu
SetRectEmpty
SetScrollRange
SetScrollPos

gdi32

GetSystemPaletteEntries
SelectObject
UnrealizeObject
Polyline
CreatePolygonRgn
CreateDIBitmap
RealizePalette
SelectPalette
GetDeviceCaps
CreatePalette
GetStockObject
SetTextColor
SetBkMode
DeleteObject
DeleteDC
BitBlt
CreateCompatibleDC
RestoreDC
Rectangle
SetBkColor
CreateHatchBrush
CreateSolidBrush
SelectClipRgn
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
SaveDC
DeleteMetaFile
StretchBlt
CreateBitmap
CreateCompatibleBitmap
SetStretchBltMode
PlayMetaFile
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
SetMetaFileBitsEx
CreatePen
LineTo
MoveToEx
SetPixel
CreateDCA
PatBlt
CreatePatternBrush
CreateFontIndirectA
EnumFontFamiliesA
EnumFontsA
GetTextExtentPointA
GetTextMetricsA
StretchDIBits
GetPixel
Arc
CreateRoundRectRgn
CreateEllipticRgn
Polygon
RoundRect
Ellipse
SetTextCharacterExtra
TextOutA
GetObjectA
SetTextAlign
ExtTextOutA

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA

ds32

ord26
ord20
ord27
ord25
ord18
ord23
ord22

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

timeGetTime
mciSendCommandA

shell32

ShellExecuteA

Exports

Exports

AppEnumWindows
DemoClosingDialog
DemoMenuDialog
DemoSplashDialog
EventProcDll
FonEnumNames
LaunchAppProc
PlayerAbout
ServerWndProc
TeWndProc
WinSupBackWndProc
WinSupWndProc

Sections

.text
Size: 276KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dc79540d7f7773d6aab7d40d48c36bb3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ds32

version

winmm

shell32

Exports

Exports

Sections

.text Size: 276KB - Virtual size: 272KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 16KB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 36KB - Virtual size: 33KB

.reloc Size: 16KB - Virtual size: 14KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 276KB - Virtual size: 272KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 16KB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 36KB - Virtual size: 33KB

.reloc
Size: 16KB - Virtual size: 14KB

.rmnet
Size: 60KB - Virtual size: 60KB