NEAS[.]6c709e94a09f63d0399a9b7d255f2ad0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6c709e94a09f63d0399a9b7d255f2ad0_JC.exe
Size

1.4MB
MD5

6c709e94a09f63d0399a9b7d255f2ad0
SHA1

5dcaf695d6c8f5e01763f6a11cbf17d8f3b8b615
SHA256

76915a6f24bf5813dba6f009e4438327982e2446f7c56632f4805df677df63ed
SHA512

35acfd576dd8939e947349db463e8a1cf3636a242d148a79e4b65688d577b036b1b9de8b4f11a422cf611f296ddb1149067ea5ef7dee4c733b8af8e52c3faca4
SSDEEP

24576:JiDtnfAckduQjTeD7Z9HEQRQFTTxMsyUUO1w7SOyRtFRN4KY+:zcRgKD7Z9HnQDM2UO+WRt0+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6c709e94a09f63d0399a9b7d255f2ad0_JC.exe

Files

NEAS.6c709e94a09f63d0399a9b7d255f2ad0_JC.exe
.exe windows:4 windows x86

e7bea9a592b1e5a4185bfd65ca0f1bc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualProtect
GetOEMCP
GetACP
GetLocaleInfoA
GetCPInfo
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
SetStdHandle
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
HeapReAlloc
SetFilePointer
TlsAlloc
TlsGetValue
TlsSetValue
lstrcmpiA
GetCurrentDirectoryA
SetCurrentDirectoryA
MultiByteToWideChar
GlobalAlloc
GlobalFree
LoadLibraryA
CreateThread
FreeLibrary
CopyFileA
WinExec
TerminateThread
CreateProcessA
lstrcpyA
lstrlenA
GetCurrentThread
GetFileSize
ExitThread
ReadFile
CreateFileA
WriteFile
FlushFileBuffers
CloseHandle
SetLastError
TlsFree
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
HeapAlloc
RtlUnwind
GetFileAttributesA
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
ExitProcess
GetTickCount
DeleteFileA
SetFileAttributesA
GetProcAddress
GetLastError
GetModuleFileNameA

user32

CallWindowProcA
MessageBoxA
SendMessageA
GetWindowTextA
DestroyWindow
ShowCaret
GetFocus
InvalidateRect
SetWindowLongA
CreateWindowExA
UpdateWindow
wsprintfA
SetFocus
SetCursor
TrackMouseEvent
HideCaret
KillTimer
LoadBitmapA
GetWindowLongA
GetClientRect
InflateRect
DrawFrameControl
LoadStringA
FindWindowA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
SetWindowPos
ShowWindow
GetSystemMetrics
MoveWindow
SetCursorPos
SetTimer
BeginPaint
EndPaint
ScreenToClient
GetDC
GetCursorPos
WindowFromPoint
PtInRect
DefWindowProcA
PostQuitMessage
DrawTextA
FillRect
SetWindowTextA

gdi32

CreateBitmap
CreateCompatibleBitmap
GetMapMode
SetMapMode
GetObjectA
IntersectClipRect
SelectClipRgn
ExcludeClipRect
CreateFontA
SetBkColor
GetStockObject
SelectObject
CreateCompatibleDC
BitBlt
DeleteDC
SetBkMode
CreateSolidBrush
DeleteObject
SetTextColor
TextOutA
DPtoLP

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize
OleCreate
OleSetContainedObject
OleUninitialize

oleaut32

VariantClear
SysAllocString
VariantInit

urlmon

URLDownloadToFileA

wininet

InternetReadFile
DeleteUrlCacheEntry
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetQueryDataAvailable

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 936KB - Virtual size: 935KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e7bea9a592b1e5a4185bfd65ca0f1bc6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

urlmon

wininet

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 12KB - Virtual size: 308KB

.rsrc Size: 936KB - Virtual size: 935KB

.text Size: 172KB - Virtual size: 172KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 12KB - Virtual size: 308KB

.rsrc
Size: 936KB - Virtual size: 935KB

.text
Size: 172KB - Virtual size: 172KB