NEAS[.]9c94356b60179bd4f7de4cb31bb90bb0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9c94356b60179bd4f7de4cb31bb90bb0_JC.exe
Size

196KB
MD5

9c94356b60179bd4f7de4cb31bb90bb0
SHA1

22f78c623af4568ef60b36170e9b4111b77b750e
SHA256

ea2c607462534e1dbd32854f015dc1eca4eab968e7bd5bf73ffae4f9f2f36cd2
SHA512

7b348b35f70319f1b122a8ca62c305e413dbad3aeeb56d7cae2490548c09ee8bfc78fb43465c67585d07d05438067f4efcd5067ffc0109c5a616b54bce739c48
SSDEEP

3072:jsJ8bhZ4u6N4YC5aNhXrOoWMdOorB7sF3/bL:4IGu6N4t5ijsF3//

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9c94356b60179bd4f7de4cb31bb90bb0_JC.exe

Files

NEAS.9c94356b60179bd4f7de4cb31bb90bb0_JC.exe
.dll regsvr32 windows:4 windows x86

16a0fd09f8ef9374788762eae2045f1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
GetModuleFileNameA
GetShortPathNameA
GetModuleHandleA
SizeofResource
LoadResource
lstrlenA
GetLastError
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
HeapDestroy
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
DisableThreadLibraryCalls
lstrcpyA
CompareStringW
WideCharToMultiByte
CompareStringA
GetVersionExA
FindResourceA
GetSystemDefaultLangID
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapSize
GetOEMCP
GetACP
GetCPInfo
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetSystemTime
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
RtlUnwind
ExitProcess
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue

user32

ReleaseDC
IsWindowVisible
EndDialog
ScreenToClient
GetWindowRect
GetParent
GetDlgCtrlID
SetCursor
EnumChildWindows
LoadCursorA
GetFocus
ShowWindow
SetWindowTextA
GetWindowTextA
CheckRadioButton
GetDlgItem
PtInRect
GetDC
MessageBoxA
IsDlgButtonChecked
GetWindowTextLengthA
PostMessageA
DialogBoxParamA
GetDesktopWindow
CharNextA
wsprintfA

advapi32

RegDeleteValueA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyA
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemRealloc
StringFromIID
CoCreateInstance
CoTaskMemAlloc
CoGetMalloc

oleaut32

VarUI4FromStr
SysStringLen
RegisterTypeLi
LoadTypeLi
SafeArrayGetDim
SafeArrayGetElement
SysAllocString
VariantCopyInd
VariantChangeType
SafeArrayRedim
VariantCopy
SafeArrayCopy
VariantInit
SafeArrayCreate
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayPtrOfIndex
SafeArrayUnlock
SafeArrayLock
SafeArrayDestroy
VariantClear
SysFreeString
SysReAllocStringLen
SysStringByteLen

gdi32

SetBkColor
SelectObject
CreateSolidBrush
DeleteObject
CreateFontA
GetTextMetricsA
SetTextColor

shell32

ShellExecuteA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerDesign
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16a0fd09f8ef9374788762eae2045f1a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

gdi32

shell32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 76KB - Virtual size: 75KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 76KB - Virtual size: 75KB

.reloc
Size: 8KB - Virtual size: 6KB