NEAS[.]ba91e8d534fdd48ebeea0671946793a0_JC[.]exe

General

Target

NEAS.ba91e8d534fdd48ebeea0671946793a0_JC.exe
Size

172KB
MD5

ba91e8d534fdd48ebeea0671946793a0
SHA1

ae7bf3af165308d584aeae828f2729402091ee30
SHA256

3d1b24de7fb35ba97ccd0a8d17ca20a48708cb29ba6e66eed1ade2d697a5f925
SHA512

036fd8c51b101614cc4b95ee619cfce361e9f1d20ef7f835ad516f863a01cae42773cb68926c888152b9774c5d6180ba6d578cfb20dbdc80e1830d9d3f15beb7
SSDEEP

1536:Uno0lCtCf1+ORdzUdlPBP+Tnlxa4ZjN20aJqMPw2yjt/oFD:Uo0lCt6yPdcja4ZjPZMPRUo5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ba91e8d534fdd48ebeea0671946793a0_JC.exe

Files

NEAS.ba91e8d534fdd48ebeea0671946793a0_JC.exe
.exe windows:4 windows x86

0caaab14a2725eed337220494304e64c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
WaitForMultipleObjects
LCMapStringA
SetEndOfFile
WaitForSingleObject
SetConsoleTitleA
SetEvent
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
GetLastError
ReadFile
SetHandleCount
GetFileType
GetStartupInfoA
CloseHandle
HeapAlloc
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
FlushFileBuffers
SetStdHandle
CreateFileA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringW
CreateEventA
CreateThread

user32

FindWindowA

dsound

ord1

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0caaab14a2725eed337220494304e64c

Headers

File Characteristics

Imports

kernel32

user32

dsound

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 14KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 14KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB