NEAS[.]683343aed30e13c7c8cd032c108fb620_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.683343aed30e13c7c8cd032c108fb620_JC.exe
Size

499KB
MD5

683343aed30e13c7c8cd032c108fb620
SHA1

1dbc5202acf15d619e388b4cfe9ffd2b158a47ab
SHA256

24c92204dcb60ea931ffff69875ae423ed4dac48c9da58edd09ed001c3ebce4a
SHA512

7fb34f928afe953ad94b3bf0daf68b28255b827b10445e0e2caf847dc2e77a523b88aa9a2c7c087d3d632a1827f6d175675e25bc2db6ad46f305ea70e9c35f89
SSDEEP

6144:KT/g3lxlK5WRzhmweeYTiZ9vNa/23JUGbb/2cl7VgEQaNE9gP1YNbOsIv:Kbg1xlSMc2uKztmQ2xFIv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.683343aed30e13c7c8cd032c108fb620_JC.exe

Files

NEAS.683343aed30e13c7c8cd032c108fb620_JC.exe
.dll windows:6 windows x86

a89e22a42fa96599538f83c7f58c9c94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemInfo
EnumSystemLocalesW
TlsFree
ExitProcess
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
HeapReAlloc
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetModuleFileNameW
WriteFile
GetACP
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
HeapSize
FindClose
GetModuleHandleExW
GetProcessHeap
IsDebuggerPresent
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
EnumResourceNamesW
EncodePointer
GetSystemDefaultLangID
CloseHandle
VirtualProtect
GetTempFileNameW
GlobalLock
DeleteCriticalSection
GetTickCount
WaitForSingleObject
GetFullPathNameW
LocalFree
GetCurrentProcessId
GetOEMCP
CreateEventW
LockResource
GetLocalTime
ResetEvent
IsValidCodePage
GetTempPathW
GlobalUnlock
GetOverlappedResult
CreateFileW
GetFileAttributesW
GetFileAttributesA
SetCommState
GetWindowsDirectoryA
GetEnvironmentStringsW
WaitNamedPipeA
VerSetConditionMask
SetDllDirectoryW
LoadLibraryExW
LoadResource
FindResourceW
SetEndOfFile
VirtualQuery
SwitchToThread
RemoveDirectoryW
MultiByteToWideChar
HeapAlloc
RtlUnwind
RaiseException
GetCPInfo
GetCurrentThreadId
WideCharToMultiByte
DecodePointer
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
GetLastError
HeapFree
GetCommandLineA

user32

GetClientRect
GetDC
GetDlgCtrlID
IsZoomed
GetKeyState
SetParent
GetWindowTextLengthA
RegisterClassW
ValidateRgn
LoadCursorA
KillTimer
CheckMenuRadioItem
GetClassNameW
SendDlgItemMessageW
DrawMenuBar
CharLowerBuffW
ShowCaret
GetDoubleClickTime
OffsetRect
DestroyWindow
AttachThreadInput
EndPaint
EnumWindows
GetKeyboardState
GetWindowPlacement
GetScrollInfo
SetWindowsHookExA
DestroyCursor
GetSysColorBrush
FlashWindow
GetKeyboardType
GetSystemMetrics
InsertMenuA
ToUnicode
SetDlgItemTextA
TranslateMDISysAccel
GetMessageTime
ClientToScreen
SetKeyboardState
PostMessageW
LoadIconA
SetScrollRange
WaitMessage
GetCapture
MessageBoxA
UnionRect
GetWindowLongA
EnableMenuItem
DefWindowProcA
DrawTextExW

gdi32

SetWindowOrgEx
GetBitmapBits
CreateFontA
SetBkColor
GetObjectType
LineTo
PtInRegion
Ellipse
GetTextExtentExPointA
CreatePatternBrush
Polyline
GetTextExtentPoint32A
Rectangle
GetCharWidth32A
GetStockObject
GetWindowOrgEx
PatBlt
GetDIBits
RectInRegion
RealizePalette
GetSystemPaletteEntries
UpdateColors
CreateSolidBrush
SetWindowExtEx
CreateFontIndirectA
StretchDIBits
GetCharABCWidthsW
CreatePen
RoundRect

comdlg32

GetSaveFileNameW
FindTextW

advapi32

GetUserNameA
AdjustTokenPrivileges
LookupPrivilegeValueW
RegSetKeySecurity
InitializeSecurityDescriptor

shell32

CommandLineToArgvW

oleaut32

SysFreeString

Sections

.text
Size: 383KB - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a89e22a42fa96599538f83c7f58c9c94

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 383KB - Virtual size: 383KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 20KB - Virtual size: 41KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 383KB - Virtual size: 383KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 20KB - Virtual size: 41KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 14KB - Virtual size: 14KB