NEAS[.]47f83df18f1ea7c06b5c3d249a843740_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.47f83df18f1ea7c06b5c3d249a843740_JC.exe
Size

746KB
MD5

47f83df18f1ea7c06b5c3d249a843740
SHA1

58ea423c515240c9bc91aa359b5be24e4e353ac3
SHA256

242dc10f36f80775ce58c54625c9f2a6601d5cd6db409f53439f72c89ac2655d
SHA512

254b96a5d16121b79d783ba59f5c5fc377990e3f68c210ca1f21753738f4b841de9d3e121bc9b1af8ee309cc126609568b43467bd9e9242f0b62ca9e6b4891fb
SSDEEP

12288:zvg34algi5yS97hbBPm5yUTDc7zXZpATPP3yuL3T2f7akjcUmUHEaMyg9QwB:zvg34BiYS97xBPm5+fZpATPPC+iDakje

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.47f83df18f1ea7c06b5c3d249a843740_JC.exe

Files

NEAS.47f83df18f1ea7c06b5c3d249a843740_JC.exe
.exe windows:5 windows x86

f9d679c88c5f2c3082f016addcdfdb15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
LoadLibraryW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
GetModuleFileNameA
Sleep
ExitProcess
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
RtlUnwind
RaiseException
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapReAlloc
HeapFree
GetLastError
InterlockedExchange
InterlockedCompareExchange
LCMapStringW
LCMapStringA
GetStringTypeExW
GetUserDefaultLCID
GetLocaleInfoW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
GetModuleHandleW
CreateDirectoryW
SetEvent
CreateEventW
CreateThread
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
GetComputerNameW
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
WriteFile
GetModuleFileNameW
CreateFileW
GetFileSize
WideCharToMultiByte
ReadFile
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetSystemTime
SystemTimeToFileTime
GetStdHandle
GetModuleHandleA

user32

DrawFrameControl
GetWindow
SetWindowPos
LoadIconW
PostQuitMessage
LoadStringW
CharLowerW
CharUpperW
PostThreadMessageW
DispatchMessageW
TranslateMessage
PeekMessageW
GetMessageW
GetWindowPlacement
RegisterClassExW
LoadCursorW
DefWindowProcW
EndPaint
BeginPaint
GetUpdateRect
RemovePropW
SetPropW
GetPropW
GetClassInfoExW
CreateWindowExW
DestroyWindow
UnregisterClassW
IsWindow
SendMessageW
GetClientRect
GetDesktopWindow
ReleaseDC
IsWindowVisible
ShowWindow
GetKeyState
PostMessageW
SetWindowRgn
GetCapture
UpdateWindow
IsDialogMessageW
EnableWindow
GetMenu
EndDialog
CloseClipboard
EmptyClipboard
GetClipboardData
OpenClipboard
GetDlgItem
keybd_event
DrawEdge
GetWindowRect
AppendMenuW
CreatePopupMenu
CallNextHookEx
UnhookWindowsHookEx
TrackPopupMenu
ClientToScreen
SetWindowsHookExW
DestroyMenu
IsMenu
GetParent
GetSysColor
GetWindowTextLengthW
GetWindowTextW
SetWindowLongW
SetWindowTextW
CallWindowProcW
GetFocus
PtInRect
ScreenToClient
GetCursorPos
InvalidateRect
DrawTextW
MoveWindow
GetSystemMetrics
DestroyIcon
DrawIconEx
LoadImageW
SetFocus
ReleaseCapture
SetCapture
SetCursor
SystemParametersInfoW
GetDC

gdi32

SetBkColor
CreateFontW
CreateFontIndirectW
GetObjectW
GetDeviceCaps
BitBlt
CreateCompatibleDC
SetBkMode
SelectClipRgn
GdiFlush
SelectObject
DeleteObject
DeleteDC
ExtTextOutW
GetTextExtentPoint32W
GetStockObject
CombineRgn
CreateRectRgnIndirect
StretchBlt
SetStretchBltMode
SetTextColor
TextOutW
RestoreDC
CreateSolidBrush
CreateDIBSection
SaveDC
SetWindowOrgEx

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetFolderPathW
DragQueryFileW
ShellExecuteW

ole32

CoInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize

oleaut32

OleLoadPicture

ws2_32

WSASetLastError
socket
setsockopt
connect
htons
getservbyname
inet_addr
htonl
gethostbyname
getservbyport
ntohs
gethostbyaddr
WSAGetLastError
inet_ntoa
send
shutdown
recv
WSAStartup
closesocket
WSACleanup

comctl32

ord17

msimg32

AlphaBlend

Sections

.text
Size: 504KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9d679c88c5f2c3082f016addcdfdb15

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

comctl32

msimg32

Sections

.text Size: 504KB - Virtual size: 504KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 11KB - Virtual size: 19KB

.rsrc Size: 117KB - Virtual size: 116KB

.reloc Size: 30KB - Virtual size: 30KB

.text
Size: 504KB - Virtual size: 504KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 11KB - Virtual size: 19KB

.rsrc
Size: 117KB - Virtual size: 116KB

.reloc
Size: 30KB - Virtual size: 30KB