NEAS[.]0ee0a707863078d7527edff329e37630_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0ee0a707863078d7527edff329e37630_JC.exe
Size

6.0MB
MD5

0ee0a707863078d7527edff329e37630
SHA1

387ac3bb4da27ebc6af522259aafc1abe76c2454
SHA256

1e7cbca2529396e52a0f495e1db2c7343ed25ebef5a8fc1e48b18b09a70a3afc
SHA512

dcb89283c1b92f73040d0ea246e80c5fb46df55454fdcfce96fc8da1c40542b7aa643e5f1ff1e9e16a22da807b81cc9a77875d9214ac1b9fd95100249f82e396
SSDEEP

196608:ZBCiETuHe4nwYNK2p2EptsZGFm1rrG3/B+xs:uiEaHJxKEfsBrr+p+x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0ee0a707863078d7527edff329e37630_JC.exe

Files

NEAS.0ee0a707863078d7527edff329e37630_JC.exe
.dll windows:6 windows x86

d8c336b04b37ed7f7b3c15fbb1846490

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
GetModuleFileNameW
WriteFile
GetOEMCP
CreateFileW
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetProcessHeap
SetEndOfFile
LocalFree
SuspendThread
EnumSystemLocalesW
OpenFileMappingA
GetThreadTimes
CloseHandle
GetUserDefaultUILanguage
VirtualProtect
GetStringTypeW
CreateEventW
GetLocalTime
GetDiskFreeSpaceW
EnterCriticalSection
CreateNamedPipeA
GetOverlappedResult
FlushFileBuffers
GetExitCodeProcess
GetSystemDirectoryA
Sleep
VirtualQueryEx
WaitForSingleObject
GlobalLock
TlsGetValue
SetHandleInformation
SetDllDirectoryW
VirtualQuery
GetACP
IsDebuggerPresent
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
WideCharToMultiByte
EncodePointer
DecodePointer
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetLastError
HeapFree
HeapReAlloc
GetCommandLineA
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress

user32

EnableWindow
DeleteMenu
RemoveMenu
ShowOwnedPopups
MapDialogRect
KillTimer
IsZoomed
RemovePropA
GetMenuStringW
CharLowerBuffW
ShowCaret
SendDlgItemMessageA
OffsetRect
GetKeyboardLayout
CheckMenuRadioItem
MessageBoxA
InvalidateRect
LoadMenuW
PeekMessageA
SetClassLongA
ScrollWindow
EndDialog
EnumChildWindows
CreatePopupMenu
IsDlgButtonChecked
GetKeyboardType
SetDlgItemTextW
ValidateRgn
GetDlgCtrlID
GetDlgItemTextA
DialogBoxParamA
InflateRect

gdi32

SetWindowExtEx
SetLayout
SetTextColor
GetDeviceCaps
SetDIBColorTable
CreateRectRgnIndirect
CombineRgn
ExtCreateRegion
StretchDIBits
GetBkColor
GetCurrentPositionEx
GetDIBColorTable
SetStretchBltMode
CreateRectRgn
RoundRect
ExtTextOutA
GetTextExtentPoint32W

comdlg32

GetOpenFileNameW

advapi32

GetUserNameA
RegCloseKey
RegLoadKeyW
RegEnumKeyExW
AllocateAndInitializeSid
RegDeleteValueA
ChangeServiceConfigW
SetSecurityDescriptorDacl

shell32

Shell_NotifyIconW

oleaut32

SysReAllocStringLen
SysFreeString
SysAllocStringLen
SafeArrayCreate

Sections

.text
Size: 393KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8c336b04b37ed7f7b3c15fbb1846490

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 393KB - Virtual size: 392KB

.data Size: 5.6MB - Virtual size: 5.6MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 393KB - Virtual size: 392KB

.data
Size: 5.6MB - Virtual size: 5.6MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 11KB - Virtual size: 10KB