NEAS[.]337cdc682703c117657c84a44410d110_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.337cdc682703c117657c84a44410d110_JC.exe
Size

3.0MB
MD5

337cdc682703c117657c84a44410d110
SHA1

81315f5e2d185d3ca2a8d7ded4000e733101a0eb
SHA256

5c6d5606a65b3fb9c32c2764d139ef099cad306d33304284ee115fcb9d35b2aa
SHA512

603040ffb65fdfe5920b8337734b9da407e403f4c7a7de3dad840d12cb3c3164c351ab2f3720a1b9813315d2e1b77413ebc9966f6fc1b4b8231e04e7d351eb0b
SSDEEP

24576:Kg56ga/uQEMScdQods+GOUNwHfYbYbGTWMqYoi1aB+mNbEMx7neVGaCLBA4e6Ai/:2ZbSc+HqsktLGXiQXxSreM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.337cdc682703c117657c84a44410d110_JC.exe

Files

NEAS.337cdc682703c117657c84a44410d110_JC.exe
.exe windows:6 windows x86

00f226ca4f6ec21e3480239f51dc28e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PtInRect
SetDoubleClickTime
GetUpdateRect
IsDialogMessageA
CreateDialogIndirectParamA
EnableWindow
IntersectRect
IsRectEmpty
DestroyWindow
GetFocus
GetMenuItemInfoA
InsertMenuA
GetMenuItemID
SetMenuItemInfoA
OemToCharA
GetWindow
CreateMenu
LoadIconA
RegisterClassA
GetClipboardData
SetCapture
ReleaseCapture
GetMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetScrollRange
GetScrollPos
RedrawWindow
MessageBeep
SetWindowLongA
WinHelpA
CheckMenuItem
GetMenuState
SetCursor
PeekMessageA
DefMDIChildProcA
GetWindowLongA
HideCaret
ShowCaret
SendMessageA
IsClipboardFormatAvailable
ModifyMenuA
ScrollWindow
SetScrollPos
DefWindowProcA
IsWindowVisible
SetFocus
SetCaretPos
CreateCaret
DestroyCaret
AppendMenuA
LoadCursorA
GetSystemMenu
DeleteMenu
wsprintfA
FindWindowA
IsIconic
SetMenu
EnableMenuItem
DrawMenuBar
GetMessageA
TranslateMDISysAccel
TranslateMessage
DispatchMessageA
SetWindowsHookExA
MessageBoxA
UnhookWindowsHookEx
CallNextHookEx
GetWindowRect
FindWindowExA
GetWindowTextLengthA
MapWindowPoints
GetWindowTextA
SetWindowTextA
SetWindowPos
ShowWindow
BeginPaint
EndPaint
GetClientRect
MoveWindow
DestroyMenu
GetMenuItemCount
GetSubMenu
PostQuitMessage
CreateWindowExA
GetSystemMetrics
DefFrameProcA
GetDC
ReleaseDC
GetKeyState
WaitMessage
InvalidateRgn
ScrollDC
InvalidateRect
UpdateWindow
EnumChildWindows
IsWindow
IsZoomed
PostMessageA

gdi32

GetDIBits
GetSystemPaletteEntries
GetMapMode
DPtoLP
AbortDoc
SetAbortProc
StartDocA
StartPage
StretchDIBits
EndPage
EndDoc
GetPixel
TextOutA
CreatePatternBrush
PolyBezierTo
PolyBezier
Pie
Arc
Polygon
Ellipse
SetPixel
GetDeviceCaps
CreateBitmapIndirect
BitBlt
SetStretchBltMode
GetStockObject
SetMapMode
SetWindowExtEx
SetViewportExtEx
EnumFontFamiliesA
CreateFontIndirectA
PatBlt
CreateCompatibleDC
GetObjectA
StretchBlt
DeleteDC
CreateDIBitmap
SetTextColor
SetBkColor
GetTextMetricsA
ExtTextOutA
CreateRectRgn
SetPixelV
MoveToEx
SetROP2
SetBkMode
Polyline
GetNearestPaletteIndex
GetPaletteEntries
SetPaletteEntries
CreatePalette
SelectPalette
RealizePalette
DeleteObject
GetNearestColor
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
CreatePen
Rectangle
SelectClipRgn
GdiFlush
LineTo

comdlg32

PrintDlgA
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA

kernel32

HeapFree
HeapAlloc
TerminateProcess
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
QueryPerformanceCounter
WideCharToMultiByte
RaiseException
MultiByteToWideChar
GetProfileIntA
GlobalSize
SuspendThread
VirtualQuery
GetCPInfo
lstrlenA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
SearchPathA
lstrcpyA
GetCurrentProcessId
GetModuleFileNameA
GetCurrentThread
ResumeThread
IsDBCSLeadByteEx
GetCurrentDirectoryA
SetCurrentDirectoryA
FindFirstFileA
LoadLibraryExA
GetModuleHandleExA
GetFullPathNameW
IsDBCSLeadByte
GetUserDefaultLCID
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameW
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
EncodePointer
ExitProcess
GetModuleHandleExW
GetConsoleCP
QueryPerformanceFrequency
FreeLibraryAndExitThread
GetConsoleMode
GetProcAddress
SetStdHandle
FindFirstFileExW
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetTimeZoneInformation
HeapValidate
CreateFileW
SetConsoleMode
GetNumberOfConsoleInputEvents
ReadConsoleInputW
PeekConsoleInputA
ReadConsoleW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
SetFilePointerEx
GetFileAttributesExW
OutputDebugStringW
IsValidCodePage
GetOEMCP
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
HeapReAlloc
HeapSize
HeapQueryInformation
WriteConsoleW
GetFileSizeEx
GetSystemDefaultLangID
GetUserDefaultLangID
DeleteFileA
GetVersionExA
SetThreadPriority
CreateProcessA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetProcessHeap
UnmapViewOfFile
GetHandleInformation
IsBadReadPtr
FindClose
DuplicateHandle
FormatMessageA
LoadLibraryA
GetThreadLocale
GetLastError
CloseHandle
GetStdHandle
IsDebuggerPresent
GetFullPathNameA
GetModuleHandleA
FreeLibrary
GetEnvironmentVariableA
SetFilePointer
CreateFileA
WriteFile
GetFileType
VirtualAlloc
GetSystemInfo
VirtualFree
GetFileAttributesA
GetFileSize
GetFileAttributesExA
LeaveCriticalSection
EnterCriticalSection
Sleep
InterlockedExchange
TlsSetValue
TlsGetValue
TlsFree
SetLastError
TlsAlloc
ReleaseMutex
WaitForSingleObject
GetSystemTimeAsFileTime
GetLocalTime
GetProcessTimes
GetCurrentProcess
GetCurrentThreadId
SetEndOfFile
SetErrorMode
GetCommandLineA
GetACP
SetConsoleCtrlHandler
DeleteCriticalSection
ExitThread
InitializeCriticalSection
CreateEventA
SetEvent
TerminateThread
CreateThread
ReadFile
FlushFileBuffers
GetFileInformationByHandle
GetTempPathA
GetTempFileNameA
FindNextFileA

imagehlp

SymCleanup
SymInitialize
StackWalk64

ole32

StringFromGUID2
CLSIDFromProgID
CoCreateInstance
CreateBindCtx
CLSIDFromString
OleUninitialize
OleInitialize
MkParseDisplayName

oleaut32

SysFreeString
SafeArrayDestroy
VariantInit
SysStringLen
VariantChangeType
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SysAllocString
SafeArrayCreate
SafeArrayPutElement
GetActiveObject

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00f226ca4f6ec21e3480239f51dc28e3

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

comdlg32

kernel32

imagehlp

ole32

oleaut32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 384KB - Virtual size: 384KB

.data Size: 39KB - Virtual size: 3.3MB

.trace Size: 33KB - Virtual size: 32KB

.data1 Size: 512B - Virtual size: 8B

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 147KB - Virtual size: 146KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 384KB - Virtual size: 384KB

.data
Size: 39KB - Virtual size: 3.3MB

.trace
Size: 33KB - Virtual size: 32KB

.data1
Size: 512B - Virtual size: 8B

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 147KB - Virtual size: 146KB