Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.b8aa8e878359ccdbe459e86983458090_JC.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: NEAS.b8aa8e878359ccdbe459e86983458090_JC.exe
  Resource: win10v2004-20231023-en
General
Target: NEAS.b8aa8e878359ccdbe459e86983458090_JC.exe
Size: 3.1MB
MD5: b8aa8e878359ccdbe459e86983458090
SHA1: 920d9aacbaf5b0c36af83e96b79207a4936ac366
SHA256: 71907e83e0bb3d70c77e43753f115994de61879bd7ad5d3d4e365f9ee6ffe28d
SHA512: c65e247d101ad204a8f9adce34f697ce65393b78a9208e7803646d1d0a5cc0b33ee3284e86c6a190bee6bf3e6b8051e16717c856ed360026c56d546757783c32
SSDEEP: 49152:Mml38ftMraVz6yGWmaSR1QyYAaqLXaVRHChxj:M68VMOCaSnVLXapCh
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: NEAS.b8aa8e878359ccdbe459e86983458090_JC.exe
Files
- NEAS.b8aa8e878359ccdbe459e86983458090_JC.exe.exe windows:4 windows x86
  2e1f77c0467d6dcbc8abfb65aecadec8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
mciSendCommandA
mciGetErrorStringA
mciSendStringA
iscmplr
ord2
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
wsock32
listen
inet_addr
closesocket
setsockopt
getsockopt
WSAGetLastError
inet_ntoa
shutdown
ntohs
ntohl
htons
htonl
ioctlsocket
connect
gethostbyname
socket
send
recv
gethostname
sendto
recvfrom
getprotobyname
WSAAsyncSelect
WSASetLastError
getpeername
getsockname
bind
select
accept
shlwapi
PathFindNextComponentA
PathRemoveExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
kernel32
InterlockedDecrement
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
SetEvent
SuspendThread
CreateEventA
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
GlobalFlags
GetProfileIntA
LocalFileTimeToFileTime
VirtualProtect
EnumResourceLanguagesA
ConvertDefaultLocale
InterlockedIncrement
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetStartupInfoA
GetCommandLineA
HeapSize
ExitThread
CreateThread
ExitProcess
TerminateProcess
SetStdHandle
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetSystemInfo
VirtualQuery
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
QueryPerformanceCounter
GetLocaleInfoW
GlobalSize
RaiseException
SetComputerNameA
GetComputerNameA
GetCurrentThread
GetPriorityClass
GetThreadPriority
SetPriorityClass
SetThreadPriority
GetEnvironmentStrings
FreeEnvironmentStringsA
ExpandEnvironmentStringsA
GetPrivateProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
SetFileAttributesA
SetFileTime
GetFileTime
GetDiskFreeSpaceA
GetFileSize
GetDriveTypeA
GetVolumeInformationA
SetVolumeLabelA
GetLogicalDrives
GetTimeZoneInformation
GetUserDefaultLCID
SetLastError
FindResourceExA
EndUpdateResourceA
BeginUpdateResourceA
GetSystemDefaultLangID
GetLastError
FormatMessageA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalFree
SetCurrentDirectoryA
GetFullPathNameA
DeleteCriticalSection
GetCurrentProcess
DuplicateHandle
InitializeCriticalSection
GetShortPathNameA
FileTimeToLocalFileTime
FileTimeToSystemTime
EnterCriticalSection
LeaveCriticalSection
lstrcmpA
WaitForSingleObject
UpdateResourceA
GetCurrentDirectoryA
GlobalMemoryStatus
GetSystemDirectoryA
SetEnvironmentVariableA
FindNextFileA
Sleep
LoadLibraryExA
EnumResourceNamesA
GetStringTypeExA
CompareStringW
lstrlenW
CompareStringA
CompareFileTime
GetSystemTime
GetModuleHandleA
GetModuleFileNameA
CreateProcessA
GetCurrentProcessId
GetCurrentThreadId
ResumeThread
GetEnvironmentVariableA
GetWindowsDirectoryA
DeviceIoControl
SystemTimeToFileTime
GetSystemTimeAsFileTime
RemoveDirectoryA
LocalFree
MultiByteToWideChar
FreeLibrary
LoadLibraryA
GetProcAddress
lstrcpynA
GlobalAlloc
MulDiv
lstrcatA
GetTempFileNameA
WriteFile
DeleteFileA
MoveFileA
GetFileAttributesA
CreateFileA
ReadFile
CloseHandle
GlobalLock
GlobalUnlock
IsDBCSLeadByte
CreateDirectoryA
CopyFileA
FindFirstFileA
FindClose
lstrlenA
lstrcpyA
lstrcmpiA
GetTickCount
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersion
GetProcessVersion
GetVersionExA
FreeResource
SetEndOfFile
user32
ValidateRect
BringWindowToTop
InsertMenuItemA
ReuseDDElParam
UnpackDDElParam
DestroyCursor
SetCursorPos
MapDialogRect
SetParent
PostQuitMessage
ShowOwnedPopups
CopyAcceleratorTableA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
FindWindowA
DrawIcon
SetWindowRgn
CharNextA
SetWindowContextHelpId
LockWindowUpdate
CreateMenu
PostThreadMessageA
MessageBeep
InvalidateRgn
GetNextDlgGroupItem
LoadStringA
UnregisterClassA
GetClassInfoA
DefWindowProcA
SetScrollPos
InvertRect
MapWindowPoints
WinHelpA
GetTabbedTextExtentA
RegisterClipboardFormatA
SetWindowPos
IsMenu
SetMenuItemInfoA
GetMenuItemRect
GetClassNameA
GetWindowLongA
CallWindowProcA
SetWindowLongA
GetPropA
SetPropA
RemovePropA
GetForegroundWindow
GetFocus
TranslateMessage
DrawStateA
RegisterWindowMessageA
GetMenuItemInfoA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
BeginDeferWindowPos
EndDeferWindowPos
TrackPopupMenuEx
DestroyMenu
GetDesktopWindow
GetSystemMenu
GetMenu
RemoveMenu
InsertMenuA
GetMenuItemID
GetMenuItemCount
EnableMenuItem
CheckMenuItem
DrawIconEx
IntersectRect
SetMenuItemBitmaps
SetMenu
IsZoomed
IsIconic
LoadMenuA
GetSubMenu
GetTopWindow
wsprintfA
GetWindow
CharUpperA
CharLowerW
WindowFromPoint
PostMessageA
GetMessageA
DispatchMessageA
GrayStringA
DrawTextExA
ScrollWindow
TabbedTextOutA
ClientToScreen
IsRectEmpty
GetDlgCtrlID
MessageBoxA
LoadImageA
GetMessagePos
RedrawWindow
DrawFocusRect
DrawFrameControl
DrawEdge
InflateRect
GetCapture
CopyRect
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
GetKeyState
OpenClipboard
SetCapture
SetTimer
IsClipboardFormatAvailable
ReleaseCapture
GetCursorPos
LoadAcceleratorsA
IsWindow
EnableScrollBar
KillTimer
ScreenToClient
TranslateAcceleratorA
OffsetRect
GetDlgItem
CreateCaret
GetAsyncKeyState
ShowCaret
HideCaret
SetCaretPos
IsWindowVisible
UpdateWindow
GetParent
InvalidateRect
GetClientRect
FillRect
SetRectEmpty
SetRect
PtInRect
SetCursor
LoadIconA
DestroyIcon
SendMessageA
EnableWindow
GetWindowRect
LoadBitmapA
LoadCursorA
SystemParametersInfoA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetSystemMetrics
ModifyMenuA
GetMenuCheckMarkDimensions
GetClassInfoExA
GetLastActivePopup
GetMessageTime
IsDialogMessageA
PeekMessageA
SetDlgItemTextA
SendDlgItemMessageA
GetScrollPos
GetWindowDC
GetMenuState
GetMenuStringA
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetDCEx
IsChild
ChangeDisplaySettingsA
EnumDisplaySettingsA
ExitWindowsEx
WaitForInputIdle
EnumThreadWindows
SetActiveWindow
SetFocus
MapVirtualKeyA
GetKeyNameTextA
DestroyWindow
RegisterClassA
CreateWindowExA
RegisterClassExA
BeginPaint
GetWindowTextA
EndPaint
SetWindowTextA
MoveWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetWindowPlacement
DrawTextA
ShowWindow
GetWindowTextLengthA
AppendMenuA
CreatePopupMenu
GetClassLongA
DeleteMenu
EqualRect
gdi32
CreatePen
GetObjectA
GetStockObject
CreateFontIndirectA
CreatePolygonRgn
GetRgnBox
GetWindowOrgEx
GetTextFaceA
GetTextAlign
DPtoLP
LPtoDP
Polyline
GetTextExtentPoint32A
GetTextMetricsA
GetTextExtentExPointA
DeleteObject
CreateRectRgn
CreateSolidBrush
SelectObject
Rectangle
CreatePalette
RealizePalette
DeleteDC
SetTextColor
BitBlt
SetBkColor
GetPixel
StretchBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
CombineRgn
FillRgn
GetCurrentObject
GetTextColor
SetPixel
GetClipBox
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreatePatternBrush
SetPixelV
SetGraphicsMode
GetGraphicsMode
FrameRgn
CreateDIBSection
SetBkMode
CreateEllipticRgn
CreateRoundRectRgn
PtInRegion
Ellipse
Polygon
RoundRect
PatBlt
GetDIBits
GetRegionData
CreateDIBitmap
EnumFontFamiliesExA
CreateDCA
CopyMetaFileA
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
StartDocA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
SelectPalette
CreateRectRgnIndirect
SetRectRgn
GetMapMode
GetBkColor
GetViewportOrgEx
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
StretchDIBits
GetCharWidthA
CreateFontA
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetDeviceCaps
comdlg32
PageSetupDlgA
ChooseFontA
GetOpenFileNameA
GetFileTitleA
CommDlgExtendedError
GetSaveFileNameA
ChooseColorA
PrintDlgA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetJobA
advapi32
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegDeleteValueA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA
RegDeleteKeyA
GetFileSecurityA
SetFileSecurityA
RegCreateKeyA
RegEnumKeyA
RegSetValueA
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
shell32
SHAddToRecentDocs
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ExtractIconA
SHGetFileInfoA
FindExecutableA
comctl32
ImageList_LoadImageA
PropertySheetA
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_Draw
ImageList_GetIcon
ImageList_GetImageInfo
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Create
InitCommonControlsEx
ImageList_Add
ord17
ImageList_Destroy
oledlg
ord8
ole32
CoRevokeClassObject
CoGetClassObject
StgOpenStorageOnILockBytes
IsAccelerator
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRegisterMessageFilter
OleLockRunning
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CLSIDFromProgID
CreateBindCtx
MkParseDisplayName
CoInitialize
CoCreateInstance
OleRegGetUserType
ProgIDFromCLSID
CoTaskMemFree
StringFromGUID2
CLSIDFromString
CoCreateGuid
OleTranslateAccelerator
oleaut32
SafeArrayDestroy
VariantCopy
SystemTimeToVariantTime
SysAllocStringByteLen
VariantInit
VariantClear
VariantChangeType
VarR8FromCy
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayGetElemsize
VarCyFromI4
VarCyFromR8
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayUnlock
LHashValOfNameSys
SysAllocString
SysFreeString
SysAllocStringLen
SysStringLen
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
Sections
.text  Size: 1.3MB - Virtual size: 1.3MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 248KB - Virtual size: 246KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 32KB - Virtual size: 46KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 1.6MB - Virtual size: 1.6MB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ