NEAS[.]0c3e580a49e49bcce5bdc41843f60710_JC[.]exe

General

Target

NEAS.0c3e580a49e49bcce5bdc41843f60710_JC.exe
Size

2.8MB
MD5

0c3e580a49e49bcce5bdc41843f60710
SHA1

eaf540f649b7d84f4e5fa978748ee9190e711bc6
SHA256

6ccd576233d1300da2530028c18959a1e0918a96ebcafff70969c0b29a0783f6
SHA512

6a58e75b1dc9187c306e33cec4b6440f48810a9882b2ce00e4ce63a2803fe0c35a8784aea2aff6146bfb783ddfe277bd64327a00da4d38fa2970dae36491be16
SSDEEP

49152:pwKvCWYL/uu5BWxEu8j2ofz9nrd8mBf3z66dZ1kOMjP/v6N9oG0tbZsD23u6ib:bcu8y0pnemBfe6JgX6N990FqDs1ib

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0c3e580a49e49bcce5bdc41843f60710_JC.exe

Files

NEAS.0c3e580a49e49bcce5bdc41843f60710_JC.exe
.dll windows:5 windows x86

9265de4279ec2b9cc932b695004ba8dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
CreateFileA
ReadFile
WriteFile
CloseHandle
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
lstrcmpiA
lstrlenA
CreateDirectoryA
SetFileAttributesA
GetLastError
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteFileA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

ole32

CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

DeleteExtractedFiles
DllGetVersion
Extract
FCIAddFile
FCICreate
FCIDestroy
FCIFlushCabinet
FCIFlushFolder
FDICopy
FDICreate
FDIDestroy
FDIIsCabinet
FDITruncateCabinet
GetDllVersion

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9265de4279ec2b9cc932b695004ba8dd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 54KB

.data Size: 512B - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 54KB - Virtual size: 54KB

.data
Size: 512B - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1KB - Virtual size: 1KB