Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.d6bb5b097b7277df6e81a220c3a59650_JC.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: NEAS.d6bb5b097b7277df6e81a220c3a59650_JC.exe
  Resource: win10v2004-20231020-en
General
Target: NEAS.d6bb5b097b7277df6e81a220c3a59650_JC.exe
Size: 2.9MB
MD5: d6bb5b097b7277df6e81a220c3a59650
SHA1: de187b99a9f85c101cf8fefee3c4e009c5c18641
SHA256: 6a4a2a901073ff2a99260bc17895ffdd029b6d4ac27bd932543c7499229fd0b5
SHA512: 9b43af8534f8ce97902690ba71290bdb85df8d89a7f27227a41498f440acdcf98c2e5c9ebb2fb9fdc6f38a27dfddacc18f4e12398c1b96caaec658155b5ffca9
SSDEEP: 49152:9cClUEi8FaqMxZWWKN5SYSM7eq61ac5bAh34CwBa5RGwl/48kw5wCwsfgkZoFUVX:9cCHFMxkHNJSM70ac5bAh34CwBa5RGwU
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: NEAS.d6bb5b097b7277df6e81a220c3a59650_JC.exe
Files
NEAS.d6bb5b097b7277df6e81a220c3a59650_JC.exe.exe  windows:5 windows x86
  97eb0e9b529091f494760bba0e0f37ff
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeviceIoControl
SetWaitableTimer
CancelWaitableTimer
ResetEvent
WaitForMultipleObjects
CreateWaitableTimerW
CreateMutexW
GetPrivateProfileStringA
GlobalMemoryStatusEx
ReleaseMutex
lstrcpynW
GetLogicalDriveStringsW
GetExitCodeProcess
OutputDebugStringW
GetPrivateProfileSectionW
GetLocaleInfoA
GetConsoleMode
GetDateFormatW
GetTimeFormatW
ReleaseSemaphore
CreateSemaphoreW
SetEnvironmentVariableA
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
SetConsoleCtrlHandler
FatalAppExitA
CloseHandle
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapDestroy
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapSize
HeapQueryInformation
CreateThread
ExitThread
HeapReAlloc
ExitProcess
RaiseException
HeapFree
HeapAlloc
DecodePointer
EncodePointer
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoW
HeapSetInformation
GetCommandLineW
LocalLock
LocalUnlock
FindResourceExW
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesW
GetFileAttributesExW
SetErrorMode
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileW
CreateFileW
lstrcmpiW
GetStringTypeExW
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
DeleteFileW
GetCurrentDirectoryW
lstrcpyW
GetSystemDirectoryW
GetAtomNameW
GlobalGetAtomNameW
lstrlenA
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
SetLastError
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
SetUnhandledExceptionFilter
lstrlenW
GetCurrentProcessId
CreateProcessW
OpenProcess
WaitForSingleObject
LoadLibraryW
GetProcAddress
FreeLibrary
FindResourceW
LoadResource
LockResource
SizeofResource
OpenFileMappingW
MapViewOfFile
CreateFileMappingW
GetSystemPowerStatus
UnmapViewOfFile
GetDriveTypeW
user32
WaitMessage
PostThreadMessageW
CreateMenu
InSendMessage
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
CreateDialogIndirectParamW
EndDialog
GetNextDlgGroupItem
LoadImageW
GetIconInfo
GetNextDlgTabItem
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
IntersectRect
CharUpperW
DestroyIcon
IsIconic
InvalidateRect
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
LoadCursorW
GetSysColorBrush
CopyImage
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetMenuDefaultItem
SetSysColors
ClientToScreen
SystemParametersInfoW
GetSystemMetrics
DestroyMenu
GetMenuItemInfoW
InflateRect
UnregisterClassW
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
PostQuitMessage
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
ScrollWindowEx
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SetTimer
KillTimer
MsgWaitForMultipleObjectsEx
EnableWindow
PostMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
IsClipboardFormatAvailable
SendNotifyMessageW
FrameRect
GetUpdateRect
OpenClipboard
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
SubtractRect
GetDialogBaseUnits
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
MapDialogRect
DrawIcon
DestroyCursor
WindowFromDC
GetWindowRgn
GetDesktopWindow
ChangeDisplaySettingsW
IsWindow
FindWindowW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
EnumDisplaySettingsExW
GetTabbedTextExtentW
GetDCEx
RealChildWindowFromPoint
EnumChildWindows
SetThreadDesktop
OpenDesktopW
SetProcessWindowStation
OpenWindowStationW
CloseWindowStation
CloseDesktop
UnhookWindowsHookEx
GetWindow
PtInRect
CopyRect
SetWindowPos
SetWindowLongW
GetWindowLongW
GetMenu
CallWindowProcW
DefWindowProcW
SendMessageW
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
GetWindowRect
GetParent
AdjustWindowRectEx
GetSysColor
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
MessageBoxW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetClientRect
UpdateWindow
ValidateRect
IsWindowVisible
RedrawWindow
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
GetKeyState
SetClipboardData
gdi32
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetCurrentObject
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
SetDIBColorTable
GetDIBits
StretchBlt
SetPixel
RoundRect
Rectangle
EnumFontFamiliesExW
SetRectRgn
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
SetPixelV
SetViewportOrgEx
SelectObject
Escape
CreateFontW
StretchDIBits
GetCharWidthW
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateDIBitmap
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
GetStockObject
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
LPtoDP
SetTextColor
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
DeleteObject
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateFontIndirectW
CreateDCW
CopyMetaFileW
GetDeviceCaps
CreateBitmap
GetObjectW
SetBkColor
OffsetViewportOrgEx
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
GetJobW
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
OpenSCManagerW
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
GetUserNameW
ControlService
QueryServiceStatus
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
OpenServiceW
RegCloseKey
CloseServiceHandle
RegNotifyChangeKeyValue
GetFileSecurityW
SetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
shell32
SHBrowseForFolderW
ExtractIconW
SHGetFileInfoW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
SHGetFolderPathW
SHChangeNotify
ShellExecuteExW
SHAddToRecentDocs
SHGetMalloc
SHAppBarMessage
DragQueryFileW
DragFinish
comctl32
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx
shlwapi
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathFileExistsW
ole32
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CreateStreamOnHGlobal
OleSetMenuDescriptor
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
StgIsStorageFile
StgOpenStorage
PropVariantCopy
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfile
CoInitializeEx
CoRevokeClassObject
StringFromGUID2
CoUninitialize
CoRegisterClassObject
CoGetClassObject
CoInitialize
CoCreateInstance
CoDisconnectObject
CoCreateGuid
StgCreateDocfileOnILockBytes
OleSave
WriteClassStm
OleSaveToStream
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreate
OleLoad
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleRegEnumVerbs
OleRegGetMiscStatus
OleRun
OleGetClipboard
CoSetProxyBlanket
CoInitializeSecurity
CLSIDFromProgID
CreateFileMoniker
CoRegisterMessageFilter
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
CLSIDFromString
RegisterDragDrop
oleaut32
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
VariantInit
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
CreateErrorInfo
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
VariantChangeType
VariantClear
SysAllocStringLen
SafeArrayAllocData
GetErrorInfo
SetErrorInfo
SysReAllocStringLen
oledlg
OleUIBusyW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
mixerGetLineControlsW
mixerOpen
mciSendCommandW
mixerSetControlDetails
mixerGetDevCapsW
mixerGetLineInfoW
mixerClose
mixerGetControlDetailsW
PlaySoundW
setupapi
CM_Get_Device_IDW
CM_Request_Device_EjectW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
CM_Get_DevNode_Status
Sections
.text   Size: 2.1MB   Virtual size: 2.1MB   Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 527KB   Virtual size: 526KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 37KB    Virtual size: 68KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1024B   Virtual size: 696B    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 182KB   Virtual size: 181KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
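The static facts this report records (the "Unsigned PE" signature, the DLL and file characteristics under Headers, and the per-section flags under Sections) all come straight from the PE headers and can be reproduced offline without the sandbox. The Python below is an added example and is not part of the sandbox report or of the analysed sample: because the sample's bytes are not on this page, it constructs a minimal PE32 image in memory with the same header flags, then parses the COFF header, optional header, IMAGE_DIRECTORY_ENTRY_SECURITY data directory and section table. The function names `parse_pe`, `triage_findings` and `build_sample_pe`, and the dummy certificate payload, are mine. One caveat a practitioner should keep in mind: what the sandbox signature (and this code) tests is only whether a certificate table is present and in bounds; whether the signature actually verifies requires WinVerifyTrust on a Windows host (`signtool verify /pa` or `Get-AuthenticodeSignature`).

```python
import struct

# Flag names as they appear in the report above (subset of the PE spec tables)
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
                       0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE"}
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # certificate table, i.e. the Authenticode signature


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF -> optional header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    _, nsec, _, _, _, opt_size, fchar = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: NumberOfRvaAndSizes at +92, data directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:    # PE32+: 8-byte ImageBase/stack/heap fields shift them
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in both formats
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    # The security directory is special: its "VirtualAddress" is a raw file offset,
    # because the certificate table is never mapped into memory.
    cert_off = cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        cert_off, cert_size = struct.unpack_from(
            "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    present = cert_off != 0 and cert_size != 0
    in_bounds = present and cert_off + cert_size <= len(data)  # guards truncated/forged tables
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _flags(flags, SECTION_FLAGS)})
    return {"file_characteristics": _flags(fchar, FILE_CHARACTERISTICS),
            "dll_characteristics": _flags(dllchar, DLL_CHARACTERISTICS),
            "authenticode": {"present": present, "in_bounds": in_bounds,
                             "offset": cert_off, "size": cert_size},
            "sections": sections}


def triage_findings(info: dict) -> list:
    """Mirror the sandbox's static checks: unsigned PE, missing mitigations, W+X sections."""
    findings, auth = [], info["authenticode"]
    if not auth["present"]:
        findings.append("Unsigned PE")
    elif not auth["in_bounds"]:
        findings.append("Security directory points outside the file")
    dc = info["dll_characteristics"]
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in dc:
        findings.append("No ASLR (DYNAMIC_BASE clear)")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in dc:
        findings.append("No DEP (NX_COMPAT clear)")
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_WRITE", "IMAGE_SCN_MEM_EXECUTE"} <= set(s["flags"]):
            findings.append("Writable and executable section " + s["name"])
    return findings


def build_sample_pe(signed: bool) -> bytes:
    """Constructed minimal PE32 for this demo (NOT the sample from the report): two sections,
    DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE, and optionally a dummy WIN_CERTIFICATE."""
    cert = b""
    if signed:
        payload = b"DUMMY-PKCS7-BLOB"  # stand-in for real PKCS#7 SignedData; never verifies
        cert = struct.pack("<IHH", 8 + len(payload), 0x0200, 0x0002) + payload
    dos = bytearray(b"MZ" + b"\0" * 62)
    struct.pack_into("<I", dos, 0x3C, 64)                            # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0102)   # i386, 2 sections, EXE|32BIT
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<H", opt, 70, 0x8140)                          # DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    if signed:  # certificate table lives after the last section's raw data (file offset 1536)
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 1536, len(cert))
    secs = b"".join(struct.pack("<8sIIIIIIHHI", n, 512, va, 512, rp, 0, 0, 0, 0, f) for n, va, rp, f in
                    [(b".text", 0x1000, 512, 0x60000020), (b".data", 0x2000, 1024, 0xC0000040)])
    headers = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + secs
    return headers.ljust(512, b"\0") + b"\0" * 1024 + cert


if __name__ == "__main__":
    print({s: triage_findings(parse_pe(build_sample_pe(s))) for s in (False, True)})
```

To run the same checks against a real file, replace `build_sample_pe(...)` with the bytes read from disk; `triage_findings` reports "Unsigned PE" for the constructed unsigned image, nothing for the constructed signed one, and flags a security directory that points past the end of the file, which is the case a naive "is the directory non-zero?" check misses.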