NEAS[.]4faf0af7a310fa27503ac541865aac00_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.4faf0af7a310fa27503ac541865aac00_JC.exe
Size

100KB
MD5

4faf0af7a310fa27503ac541865aac00
SHA1

aeb32614664e4de41d6d0bdcb3567a9d85388801
SHA256

a286944acc46e2eb970667e89fd9bb6c18e3dd4aee69c9ba57464b398e45157e
SHA512

e38accf73c6febcb171210e8a31e15223b89c24ccb07fdd33fcbb472cfac8b79b4ca4a5d101fc607100aff85c12c40b029f23408d688f4f16f6c685f6158eb76
SSDEEP

1536:+LhDVpVspa/x/UDWXYoz6bKB9UV4HEPEXHPOPq4lsTYxaoBObx8kok+Mb7hZdxhD:8Vz/OW9BuV4HBvja7Bc8koRMfhZdxw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4faf0af7a310fa27503ac541865aac00_JC.exe

Files

NEAS.4faf0af7a310fa27503ac541865aac00_JC.exe
.dll regsvr32 windows:4 windows x86

273e5743345f641d8ed47f5ab2af608c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
CloseHandle
ReadFile
SetFilePointer
GetFileSize
GetFileTime
CreateFileA
GetSystemDirectoryA
WriteFile
GetComputerNameA
Sleep
WaitForSingleObject
ReleaseMutex
GetTickCount
lstrcpynA
GetLocalTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CopyFileA
CreateDirectoryA
GetFileAttributesA
GetWindowsDirectoryA
GetVersionExA
GetCurrentProcess
GetCurrentThread
CreateProcessA
GetEnvironmentVariableA
GetSystemDefaultLangID
OpenMutexA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
lstrcmpiA
FindResourceA
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
LoadLibraryExA
EnumResourceLanguagesA
FindResourceExA
SizeofResource
LoadResource
LockResource
GetLastError
FreeLibrary
WideCharToMultiByte
GetPrivateProfileIntA
GetPrivateProfileStringA
SystemTimeToFileTime
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW

user32

MessageBoxA
GetSystemMetrics
CharNextA

advapi32

FreeSid
OpenSCManagerA
OpenServiceA
CreateServiceA
QueryServiceConfigA
ChangeServiceConfigA
StartServiceA
CloseServiceHandle
RegCreateKeyA
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
RegQueryValueExA
RegEnumKeyA
GetUserNameA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

shell32

SHGetPathFromIDListA

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

oleaut32

RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

273e5743345f641d8ed47f5ab2af608c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 5KB