NEAS[.]9333966cd5f20ee5ca413178f1c6afe0_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.9333966cd5f20ee5ca413178f1c6afe0_JC.exe
Size

409KB
MD5

9333966cd5f20ee5ca413178f1c6afe0
SHA1

e61207424c5cc64d399b47bb3587119696481cc2
SHA256

8b0320ef00186043420323d035a8baaeecd05393f92fca27a781733f6bd134ac
SHA512

08c723f24cce7d82458b64bacdf917d420a02336c89004f9aec539790408add2f29a2f4a6d1cb6173d073e2687508135f625d9469d774c4e363224faca45b0c3
SSDEEP

12288:HgZ4AcJrQBtvLPn3tmnUMSM7DFvyXFJF:HgZ4AcrqPnqUq75cFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9333966cd5f20ee5ca413178f1c6afe0_JC.exe

Files

NEAS.9333966cd5f20ee5ca413178f1c6afe0_JC.exe
.dll windows:5 windows x64

8232ec7f9ffe308327c154373f9aaec1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

GetForegroundWindow
GetActiveWindow

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW

opengl32

glFlush
glViewport
wglMakeCurrent
glGetString

kernel32

FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetStringTypeW
GetStringTypeA
SetFilePointer
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
FreeLibrary
InitializeCriticalSection
LoadLibraryW
LeaveCriticalSection
GetProcAddress
EnterCriticalSection
DeleteCriticalSection
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleW
GetModuleFileNameW
LoadLibraryA
CreateProcessW
WaitForSingleObject
ExitThread
GetLastError
CloseHandle
GetCurrentProcessId
CreateThread
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
RtlPcToFileHeader
RtlUnwindEx
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapSize
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode

Exports

Exports

ACFCanUnloadNow
ACFGetClassFactory
ACFRegisterComponent
ACFRegisterPlugin

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8232ec7f9ffe308327c154373f9aaec1

Headers

File Characteristics

Imports

user32

advapi32

opengl32

kernel32

Exports

Exports

Sections

.text Size: 135KB - Virtual size: 134KB

.rdata Size: 243KB - Virtual size: 243KB

.data Size: 17KB - Virtual size: 26KB

.pdata Size: 9KB - Virtual size: 9KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 135KB - Virtual size: 134KB

.rdata
Size: 243KB - Virtual size: 243KB

.data
Size: 17KB - Virtual size: 26KB

.pdata
Size: 9KB - Virtual size: 9KB

.reloc
Size: 3KB - Virtual size: 2KB