NEAS[.]1196cb6242c4803484c7722979fcd8e0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1196cb6242c4803484c7722979fcd8e0_JC.exe
Size

380KB
MD5

1196cb6242c4803484c7722979fcd8e0
SHA1

07fdb5f4365c379dbbe141a4d5cf28d2cafe9fa1
SHA256

3adac607ba06c008dac0db205ba69fce3bc40f958c6e4cc8b5099fa012d7f73e
SHA512

2d11cd103fbc8585fb38db0c27678b738836982209de0b3b690328b62c6a870338d9ed7c1d6092e209707920ecfb3e789d9f7598ad9aafbb143a681bcc4f6e23
SSDEEP

6144:FfOCq4YWpcR8FJu79bHxudqgiQnys3E5nU1O6+769mbkN:F2C3Ju9Rudq+n25U1O6+76c+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1196cb6242c4803484c7722979fcd8e0_JC.exe

Files

NEAS.1196cb6242c4803484c7722979fcd8e0_JC.exe
.exe windows:4 windows x86

d9b49bbac052f1542135c0ae4eeaf435

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIStreamRelease
AVIStreamGetFrame
AVIStreamInfoA
AVIStreamStart
AVIStreamSampleToTime
AVIStreamLength
AVIStreamGetFrameOpen
AVIStreamOpenFromFileA
AVIFileExit
AVIStreamGetFrameClose
AVIFileInit

msvfw32

DrawDibClose
DrawDibDraw
DrawDibOpen

kernel32

SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetACP
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetOEMCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
lstrlenA
CompareStringA
CompareStringW
GetVersion
MultiByteToWideChar
InterlockedExchange
WideCharToMultiByte
CreateMutexA
GetLastError
FindResourceA
LoadResource
SizeofResource
LockResource
GetTempPathA
GetTickCount
Sleep
DeleteFileA
CopyFileA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetModuleFileNameA
CloseHandle
WaitForSingleObject
GetVersionExA
CreateProcessA
MulDiv
LocalFree
FormatMessageA
GlobalUnlock
GetCPInfo
FileTimeToSystemTime
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
GlobalLock
GlobalAlloc
GlobalFree
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
SetLastError
GlobalFindAtomA
lstrcmpW
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
WritePrivateProfileStringA
FreeResource
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
lstrcmpA
FreeLibrary
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GetConsoleCP

user32

RegisterClipboardFormatA
PostThreadMessageA
CharNextA
SetCapture
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
ScreenToClient
EqualRect
CopyRect
DefWindowProcA
CallWindowProcA
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetWindowTextA
SetFocus
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetWindowThreadProcessId
GetLastActivePopup
UnregisterClassA
DestroyMenu
IsWindowEnabled
MessageBoxA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
AdjustWindowRectEx
CopyAcceleratorTableA
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
ReleaseDC
FindWindowA
LoadCursorA
LoadIconA
ReleaseCapture
GetWindowLongA
SetCursor
PtInRect
GetCursorPos
GetSystemMetrics
KillTimer
SetTimer
InvalidateRect
GetSysColor
OffsetRect
GetWindowRect
GetClientRect
IsWindow
EnableWindow
PostMessageA
SendMessageA
GetDC
GetParent
CharUpperA

gdi32

SetMapMode
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
SaveDC
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
SetBkMode
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ScaleViewportExtEx
RestoreDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetTextMetricsA
GetTextExtentPoint32A
CreateFontA
CreateBitmap
CreateCompatibleBitmap
BitBlt
ExtTextOutA
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyA

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathFileExistsA
PathIsUNCA

oledlg

ord8

ole32

CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocString
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
LoadTypeLi
SysFreeString

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipFree
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipAlloc
GdipDisposeImage
GdipDeleteGraphics
GdipCloneImage
GdipLoadImageFromFileICM

Sections

.text
Size: 272KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9b49bbac052f1542135c0ae4eeaf435

Headers

File Characteristics

Imports

avifil32

msvfw32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

Sections

.text Size: 272KB - Virtual size: 268KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 272KB - Virtual size: 268KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 24KB - Virtual size: 20KB