NEAS[.]a8966846fa292a4e7892b252f1234c00_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.a8966846fa292a4e7892b252f1234c00_JC.exe
Size

284KB
MD5

a8966846fa292a4e7892b252f1234c00
SHA1

5b76c8a018f3407666a30c56ae4e7a3067ab35e5
SHA256

79873eac195a5fbe2b9a368ac97bd19ee9e01be830126c13c84cf4c17884954c
SHA512

79e7d0519c038c6cd314e17fc81e47e596b7726c7a11c939af97a3c45de0750f0ee69e8ad6688e196c5c3b9232d6bc378a3599acf138a6ae2a88ba0f3ab135c2
SSDEEP

6144:xSEjBzKJ0J/LmzraJuZQwaxvk45YPR3YdT+Z3U:xSE1zbbHwaqR3KT+Z3U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a8966846fa292a4e7892b252f1234c00_JC.exe

Files

NEAS.a8966846fa292a4e7892b252f1234c00_JC.exe
.exe windows:4 windows x86

3f7a9612cbf73a02d77bc28c696dfedc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
CreatePolygonRgn
CreateSolidBrush
DeleteObject
GetTextMetricsA
SelectObject
SetPixel

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FormatMessageA
GetCommandLineA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetTickCount
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
LocalFree
MoveFileA
ReadFile
RemoveDirectoryA
SetFilePointer
SetFilePointerEx
SetUnhandledExceptionFilter
Sleep
WaitForSingleObject
WriteFile

msvcrt

_strdup
__getmainargs
__p__environ
__p__fmode
__set_app_type
_atoi64
_cexit
_iob
_onexit
_setmode
atexit
exit
free
isalnum
malloc
memcpy
memmove
memset
realloc
signal
sprintf
strchr
strcmp
strlen
strrchr

shell32

SHFileOperationA

user32

AppendMenuA
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnableWindow
EnumWindows
FillRect
GetDC
GetMessageA
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
KillTimer
LoadCursorA
MessageBoxA
PostMessageA
PostQuitMessage
RegisterClassA
ReleaseDC
SendMessageA
SetForegroundWindow
SetTimer
SetWindowRgn
SetWindowTextA
ShowWindow
SystemParametersInfoA
TranslateMessage

wininet

HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetReadFile
InternetSetStatusCallback

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 35KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_MEM_DISCARDABLE

.stabstr
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

3f7a9612cbf73a02d77bc28c696dfedc

Headers

File Characteristics

Imports

gdi32

kernel32

msvcrt

shell32

user32

wininet

Sections

.text Size: 36KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 136B

.rdata Size: 9KB - Virtual size: 9KB

.bss Size: - Virtual size: 35KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 16KB - Virtual size: 15KB

.stab Size: 27KB - Virtual size: 26KB

.stabstr Size: 154KB - Virtual size: 154KB

.text
Size: 36KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 136B

.rdata
Size: 9KB - Virtual size: 9KB

.bss
Size: - Virtual size: 35KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 16KB - Virtual size: 15KB

.stab
Size: 27KB - Virtual size: 26KB

.stabstr
Size: 154KB - Virtual size: 154KB