NEAS[.]c52211fed22702ab69d7515ac88b77b0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c52211fed22702ab69d7515ac88b77b0_JC.exe
Size

300KB
MD5

c52211fed22702ab69d7515ac88b77b0
SHA1

e915f4b89f0bb37ce6aed0e05a181e7355d4977e
SHA256

87487fa08be5944d076bafcc06bb3d64f22b9a8dc6b2ce32ec66262a98f1802c
SHA512

3469e355d06dea1747acc0c143ecce6de069e29c5fa7ab4b2e0328c6042585d6721b4dd9b9876862fe7d991590703a4f7d30de741137b24ccb5b86d7afd3c58a
SSDEEP

6144:i8i8DLIead1yr8R2F8ex97pEA4DrZYvS8ALTaegkU4gaGSEJwmfylcuR5f0gC6+O:G8Dhq1yr8R68Drv8ALTRUJazEJwmfyln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c52211fed22702ab69d7515ac88b77b0_JC.exe

Files

NEAS.c52211fed22702ab69d7515ac88b77b0_JC.exe
.dll windows:4 windows x86

03ef27105a4f6d93ad6e4e842e7134d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
GlobalAddAtomA
GlobalGetAtomNameA
FileTimeToLocalFileTime
RtlUnwind
GetCommandLineA
GetModuleHandleA
SetStdHandle
GetFileType
CreateThread
ExitThread
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
FileTimeToSystemTime
LockFile
SetFilePointer
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoA
GetLocaleInfoW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WritePrivateProfileStringA
Sleep
GetPrivateProfileStringA
GetPrivateProfileIntA
CloseHandle
GetLastError
DeviceIoControl
CreateEventA
lstrcpynA
GetProcessHeap
HeapAlloc
ReadFile
HeapFree
GetTickCount
GlobalFlags
GetProcessVersion
GetVersion
lstrcatA
GetFileTime
GetFileSize
GetFileAttributesA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
DeleteFileA
SetEndOfFile
UnlockFile
FlushFileBuffers
VirtualFree
DuplicateHandle
WriteFile
OpenEventA
LCMapStringA
GetCurrentProcess
InitializeCriticalSection
WaitForSingleObject
CreateFileA
TlsSetValue
TlsGetValue
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
LocalAlloc
GlobalFree
TlsAlloc
SetLastError
GlobalUnlock
MulDiv
GlobalDeleteAtom
GlobalLock
GlobalAlloc
GetCurrentThread
lstrcmpA
lstrcmpiA
SetThreadPriority
SuspendThread
GetCurrentThreadId
LocalFree
ResumeThread
SetEvent
MultiByteToWideChar
InterlockedDecrement
WideCharToMultiByte
lstrlenA
LoadLibraryA
InterlockedIncrement
FreeLibrary
TerminateThread
FormatMessageA
GetProcAddress
LCMapStringW
PulseEvent
VirtualAlloc
HeapCreate

user32

ScreenToClient
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
GetClientRect
DeferWindowPos
ScrollWindow
EqualRect
AdjustWindowRectEx
SetActiveWindow
GetSysColor
MapWindowPoints
SystemParametersInfoA
UpdateWindow
LoadIconA
LoadCursorA
GetSysColorBrush
GetClassNameA
PtInRect
ClientToScreen
GetDesktopWindow
DestroyMenu
EndDialog
FindWindowA
InvalidateRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
IsIconic
BringWindowToTop
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
DefWindowProcA
DestroyWindow
CreateWindowExA
SetPropA
GetLastActivePopup
GetForegroundWindow
ShowScrollBar
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
RegisterWindowMessageA
SetFocus
IsWindowEnabled
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgCtrlID
GetWindowTextA
SetWindowTextA
GetWindowLongA
GetSystemMetrics
CharUpperA
wsprintfA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ReleaseDC
GetDC
LoadStringA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
PostQuitMessage
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
MessageBoxA
EnableWindow
SetCursor
ShowOwnedPopups
SendMessageA
UnhookWindowsHookEx
IsWindow
PostMessageA
SetScrollInfo
SetForegroundWindow
GetPropA
GetDlgItem

gdi32

CreateBitmap
SaveDC
RestoreDC
GetStockObject
SelectObject
SetBkColor
SetTextColor
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

DragFinish
DragQueryFileA

comctl32

ord17
ImageList_Destroy

Exports

Exports

DetectionCarte
Ecrire
Fermer
Lire
LireConfiguration
LireVersion
ModificationConfiguration
Ouvrir

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

03ef27105a4f6d93ad6e4e842e7134d1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 30KB - Virtual size: 72KB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 23KB - Virtual size: 22KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 30KB - Virtual size: 72KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 23KB - Virtual size: 22KB

.rmnet
Size: 56KB - Virtual size: 60KB