NEAS[.]614bc484b093d65d53aa08b9df70b700_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.614bc484b093d65d53aa08b9df70b700_JC.exe
Size

160KB
MD5

614bc484b093d65d53aa08b9df70b700
SHA1

c40da8983b7d191e6740036f2e174fdef01d000e
SHA256

d6befc3aa13c445d1699236de118b1f52a83816ab470d2616d2a245f9bb5bcd8
SHA512

5e01de76cce20ca269266242ae91931fac8e09da9d6122f02f8172356b3918d1c4470bf7b15fc6ecf9b6572b31e8efd59b5cc69225ebb294a3f92c150d4c5836
SSDEEP

768:JzpxG3v0EhrkRHWQ7EVFl9MzNxC7ewXGewIYFPCk9YL7Haw9chclFu4Qd+zDpxXV:JB4rkRQPMz3kYFake3Haw9cA9NzQXN2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.614bc484b093d65d53aa08b9df70b700_JC.exe

Files

NEAS.614bc484b093d65d53aa08b9df70b700_JC.exe
.exe windows:4 windows x86

9701269306996c279f4c009781f933d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42d

ord2341
ord2432
ord2339
ord3143
ord3144
ord3142
ord2431
ord3367
ord3784
ord3657
ord2021
ord1285
ord4492
ord2986
ord528
ord728
ord706
ord2585
ord717
ord1041
ord4302
ord2291
ord736
ord4230
ord3827
ord2682
ord2023
ord1287
ord2988
ord531
ord2105
ord708
ord1043
ord1190
ord2473
ord3691
ord2584
ord2481
ord2340
ord4408
ord4215
ord4239
ord3826
ord3366
ord2104
ord4229
ord4227
ord2661
ord1789
ord4130
ord1033
ord3231
ord1100
ord4415
ord1860
ord1880
ord3702
ord5077
ord3552
ord5094
ord4266
ord492
ord2168
ord487
ord2640
ord342
ord4123
ord880
ord2636
ord4258
ord5086
ord1510
ord590
ord684
ord1122
ord1712
ord2422
ord302
ord2993
ord562
ord1179
ord711
ord1734
ord721

msvcrtd

memcpy
_except_handler3
_controlfp
_setmbcp
memset
_ftol
sprintf
strcpy
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_CrtDbgReport
_purecall
__CxxFrameHandler
strncmp
strlen
_adjust_fdiv

kernel32

GlobalAlloc
GlobalUnlock
GlobalLock
GetModuleHandleA
GetStartupInfoA
GlobalSize
GetTickCount
GlobalFree
WinExec
GetCurrentProcess
Sleep
DeleteFileA
SetFileAttributesA
MoveFileA
GetLocalTime
GetCurrentProcessId
CreateFileMappingA
WaitForSingleObject
TerminateProcess
OpenProcess
UnmapViewOfFile
CloseHandle
MapViewOfFile
OpenFileMappingA
GlobalReAlloc
ExitThread
TerminateThread

user32

MessageBoxA
PostMessageA
ExitWindowsEx
ShowCursor
SystemParametersInfoA
EnableWindow
keybd_event
mouse_event
SetCursorPos
GetSystemMetrics
GetDC
GetDesktopWindow
GetWindowDC
ReleaseDC
GetWindowRect

gdi32

SetDIBitsToDevice
GetStockObject
SelectPalette
RealizePalette
SetStretchBltMode
StretchBlt
CreateCompatibleBitmap
BitBlt
DeleteObject
GetObjectA
CreateCompatibleDC
SelectObject
GetDIBColorTable
GetDIBits
DeleteDC
StretchDIBits

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

mfcn42d

ord275
ord294
ord346
ord353
ord296
ord328
ord265
ord259
ord301

wsock32

accept
listen
bind
getpeername
socket
closesocket
gethostname
gethostbyname
htons
send
WSACleanup
WSAStartup
recv

wininet

InternetOpenUrlA
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9701269306996c279f4c009781f933d9

Headers

File Characteristics

Imports

mfc42d

msvcrtd

kernel32

user32

gdi32

advapi32

mfcn42d

wsock32

wininet

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB