NEAS[.]a81f533f6dc4f507672619d80a9945f0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a81f533f6dc4f507672619d80a9945f0_JC.exe
Size

556KB
MD5

a81f533f6dc4f507672619d80a9945f0
SHA1

a15f7f1258aca5a634c3129521b4aadf978598b3
SHA256

4b690c74fe53ea49b95293bbee1a46b8103aa279f77e8c743a06f21e07ba333a
SHA512

dae5ba8dc4157bb6c49256efddc4a059b53f710f998fee751e8a4421b4e03d44ba8b1bdfd3330403a5353ea7a8d37f496ffea0cf9582ed15fa4937214637101f
SSDEEP

12288:pWAua+dg/vtE6qxuKe7U85OeOAPHSQwbEZOvgEnA/:8trHeOAfSdbvvhnA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a81f533f6dc4f507672619d80a9945f0_JC.exe

Files

NEAS.a81f533f6dc4f507672619d80a9945f0_JC.exe
.dll regsvr32 windows:6 windows x86

ac4278a337dba190de1ce3ef16d39c4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
FreeLibrary
InterlockedExchange
LoadLibraryW
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapSize
IsProcessorFeaturePresent
InterlockedDecrement
GetLastError
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
CreateEventW
WaitForSingleObject
RaiseException
InitializeCriticalSection
GetVersion
LoadLibraryExA
LoadLibraryExW
LoadResource
SizeofResource
lstrcmpiW
lstrlenW
FindResourceW
GetLocaleInfoA
GetUserDefaultLCID
GetFileAttributesA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
DeleteFileA
GetTempPathA
GetTempFileNameA
MoveFileA
FlushFileBuffers
GetFileSize
GetFileTime
LockFile
ReadFile
SetEndOfFile
SetFilePointer
SetFileTime
UnlockFile
CloseHandle
CreateFileA
DeleteFileW
GetDriveTypeA
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
MoveFileW
GetVolumeInformationA
GetCurrentDirectoryA
CreateDirectoryA
FindClose
FindFirstFileA
FindNextFileA
GlobalMemoryStatus
LocalAlloc
LoadLibraryA
TlsAlloc
EncodePointer
GetCommandLineA
DecodePointer
GetCurrentThreadId
WideCharToMultiByte
lstrlenA
GetModuleFileNameA
ResetEvent
SetEvent
GetVersionExW
GetFileAttributesExW
GetFileAttributesExA
CreateFileW
GetProcessHeap
HeapValidate

advapi32

RegDeleteKeyA
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExW
RegCreateKeyExA
RegCloseKey

ole32

CLSIDFromString
CreateBindCtx
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoGetMalloc
StringFromGUID2
CoGetClassObject
StringFromCLSID

oleaut32

LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
SysStringLen
SysFreeString
SysAllocString
VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
WMCreateStreamForURL

Sections

.text
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 259KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac4278a337dba190de1ce3ef16d39c4f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 272KB - Virtual size: 272KB

.data Size: 11KB - Virtual size: 15KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 259KB - Virtual size: 260KB

.text
Size: 272KB - Virtual size: 272KB

.data
Size: 11KB - Virtual size: 15KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 259KB - Virtual size: 260KB