NEAS[.]f53031a73925d512e013011f83349c30_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.f53031a73925d512e013011f83349c30_JC.exe
Size

240KB
MD5

f53031a73925d512e013011f83349c30
SHA1

6855a4856aa4a66c41e749cb0d20711dca5089ac
SHA256

44964b1d8638ee97f2b292e31fb31642eb2f02e79e435376ce7f4dfb7d10463b
SHA512

5fc5f7759dee7cca23dcf90489e6979dc5a7ba41740b0ca21be1b30e0ad6f65a27d931300e5d5d99c61b3f82887a0a651b722e05415a55b6608755551efbeaf8
SSDEEP

3072:x8yELDnCLVt2kHN0mzLcf+I5YBwIK0++t/:x8lLDnCXv0f9oKI/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f53031a73925d512e013011f83349c30_JC.exe

Files

NEAS.f53031a73925d512e013011f83349c30_JC.exe
.exe windows:6 windows x64

55ea4784d7f6abface57d4830dbfa9fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

cwcore

?instance@CWBasisSettings@@SAPEAV1@XZ
?temporaryDirectory@CWBasisSettings@@QEBA?AVQString@@XZ
?useSoftwareRendering@CWBasisSettings@@QEBA_NXZ
?instance@CWPlatformIndependent@@SAPEAV1@XZ
?instance@CWProgramConfig@@SAPEAV1@XZ
?setProgramID@CWProgramConfig@@QEAAXAEBW4CWProgramID@@@Z
??0CWUnhandledExceptionFilter@@QEAA@AEBVQDir@@AEBVQString@@@Z
??1CWUnhandledExceptionFilter@@QEAA@XZ

cwimporter

?run@CWImporterInitializer@@QEAAHXZ
??1CWImporterInitializer@@UEAA@XZ
??0CWImporterInitializer@@QEAA@XZ

cwguiwidgets

??1CWApplication@@UEAA@XZ
??0CWApplication@@QEAA@AEAHPEAPEAD@Z

qt5core

?begin@QListData@@QEBAPEAPEAXXZ
??0QString@@QEAA@AEBV0@@Z
?shared_null@QListData@@2UData@1@B
??1QDir@@QEAA@XZ
?setAttribute@QCoreApplication@@SAXW4ApplicationAttribute@Qt@@_N@Z
?end@QListData@@QEBAPEAPEAXXZ
??0QDir@@QEAA@AEBVQString@@@Z
?append@QListData@@QEAAPEAPEAXXZ
?dispose@QListData@@SAXPEAUData@1@@Z
?detach_grow@QListData@@QEAAPEAUData@1@PEAHH@Z
?fromAscii_helper@QString@@CAPEAU?$QTypedArrayData@G@@PEBDH@Z
??1QString@@QEAA@XZ

vcruntime140

__std_terminate
_CxxThrowException
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
__C_specific_handler
memset

api-ms-win-crt-runtime-l1-1-0

terminate
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_set_app_type
_seh_filter_exe
_c_exit
_cexit
_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_initialize_narrow_environment
_configure_narrow_argv
_register_thread_local_exe_atexit_callback

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
malloc
_set_new_mode
_callnewh

shell32

CommandLineToArgvW

kernel32

GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
QueryPerformanceCounter
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
GetCommandLineW
LocalFree
GetCurrentProcessId
WideCharToMultiByte
IsProcessorFeaturePresent
TerminateProcess
RtlCaptureContext
RtlLookupFunctionEntry
GetCurrentProcess
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55ea4784d7f6abface57d4830dbfa9fa

Headers

DLL Characteristics

File Characteristics

Imports

cwcore

cwimporter

cwguiwidgets

qt5core

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

shell32

kernel32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 672B

.gfids Size: 512B - Virtual size: 56B

.rsrc Size: 222KB - Virtual size: 222KB

.reloc Size: 512B - Virtual size: 68B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 672B

.gfids
Size: 512B - Virtual size: 56B

.rsrc
Size: 222KB - Virtual size: 222KB

.reloc
Size: 512B - Virtual size: 68B