Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.559fd90b0a5a0b675354e1c94ca31b00_JC.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: NEAS.559fd90b0a5a0b675354e1c94ca31b00_JC.exe
  Resource: win10v2004-20231023-en
General
Target: NEAS.559fd90b0a5a0b675354e1c94ca31b00_JC.exe
Size: 2.9MB
MD5: 559fd90b0a5a0b675354e1c94ca31b00
SHA1: 07bcb905dfdb6bc1056638ee07ca3fa3141fc9b2
SHA256: 5a3fae99a1cf00a39d0ef5aeb000940b5e1b32edf2d4ca95620dba3dc7814288
SHA512: 958aeb4fb1cb63bc8fb2e07acd81ef6187e657756ad3ac7ef563fde2a23c90cac3771ed437ec84f3bc424c65c4c155d87f225dfcc15bb75332c37bf433f77b78
SSDEEP: 24576:O0h716b2Q/KfOYdCgf7UvlWxV11luOZrvWxjTKjIOAgcPNqS7xxmCpKHFQh4oeaU:OBr4OAWt0fcwSjmC8lQmaw3fWOTXl/
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: NEAS.559fd90b0a5a0b675354e1c94ca31b00_JC.exe
Files
NEAS.559fd90b0a5a0b675354e1c94ca31b00_JC.exe.exe (windows:4 windows x86)
e108062834099c28b666bc8de575fe07
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_DragLeave
ImageList_DragEnter
ImageList_DragMove
ImageList_EndDrag
ImageList_Add
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIconSize
ord16
ord17
ord6
wsock32
getsockopt
getservbyname
ntohs
send
WSASetLastError
recv
shutdown
closesocket
WSAStartup
htonl
socket
setsockopt
WSAGetLastError
connect
inet_addr
gethostbyname
inet_ntoa
htons
psapi
GetModuleFileNameExA
kernel32
GetStringTypeA
EnumSystemLocalesA
GetCurrentDirectoryA
GetConsoleOutputCP
WriteConsoleA
CreateFileW
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetOEMCP
IsDebuggerPresent
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetConsoleMode
ReadConsoleInputA
SetConsoleCtrlHandler
GetModuleFileNameW
WriteConsoleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitThread
MoveFileA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
DeleteFileA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
HeapReAlloc
GetDateFormatA
GetTimeFormatA
GetStartupInfoA
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
FlushConsoleInputBuffer
QueryPerformanceCounter
GetVersion
lstrlenA
SetFilePointer
RaiseException
GetStdHandle
DuplicateHandle
CreateProcessA
CreateThread
SetNamedPipeHandleState
PeekNamedPipe
CreatePipe
WriteFile
ReadFile
IsValidLocale
GetUserDefaultLCID
GetACP
GetExitCodeProcess
GlobalMemoryStatus
SetEnvironmentVariableA
GetModuleHandleA
IsValidCodePage
GetCPInfo
GetCurrentProcessId
GetEnvironmentVariableA
GetThreadLocale
GetLocaleInfoA
GetTimeZoneInformation
ExpandEnvironmentStringsA
ExitProcess
GetCurrentProcess
TlsAlloc
TlsSetValue
TlsFree
TlsGetValue
ResumeThread
TerminateThread
SetThreadPriority
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
ReleaseMutex
CreateMutexA
Sleep
FindNextFileA
GetWindowsDirectoryA
SetCurrentDirectoryA
CopyFileA
GetFileAttributesA
GetFileType
GetTempFileNameA
GetFileTime
FindFirstFileA
FindClose
GetTempPathA
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetProcessHeap
HeapSize
GlobalFree
GlobalSize
InitializeCriticalSection
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GlobalAlloc
GlobalUnlock
GlobalLock
WideCharToMultiByte
LocalAlloc
SetEndOfFile
LocalFree
FreeLibrary
LoadLibraryA
SetErrorMode
GetCommandLineA
GetCurrentThreadId
MultiByteToWideChar
SetLastError
GetLastError
FormatMessageA
CreateToolhelp32Snapshot
Process32First
OpenProcess
TerminateProcess
CloseHandle
Process32Next
GetVersionExA
GetTickCount
OutputDebugStringA
GetComputerNameA
GetModuleFileNameA
GetStringTypeW
LoadLibraryW
GetLocaleInfoW
CompareStringA
CompareStringW
user32
WaitForInputIdle
MessageBeep
PostThreadMessageA
ShowCursor
EnumDisplaySettingsA
ChangeDisplaySettingsA
DrawStateA
DrawEdge
SetClipboardData
RegisterClipboardFormatA
GetMessagePos
UnionRect
IsDialogMessageA
ValidateRect
GetWindowDC
GetMenuStringA
DefMDIChildProcA
TranslateMDISysAccel
DefFrameProcA
InsertMenuItemA
GetSubMenu
CreateMenu
AppendMenuA
InsertMenuA
RemoveMenu
DestroyMenu
CreatePopupMenu
SetMenuItemInfoA
DrawIconEx
DrawFrameControl
DestroyCursor
TranslateAcceleratorA
CreateAcceleratorTableA
DestroyAcceleratorTable
MapWindowPoints
ModifyMenuA
CheckMenuRadioItem
CheckMenuItem
GetMenuState
GetForegroundWindow
ChildWindowFromPoint
HideCaret
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
keybd_event
KillTimer
SetTimer
OffsetRect
DdeFreeStringHandle
CopyRect
DrawTextA
GetWindowTextLengthA
GetWindowTextA
GetClassNameA
DdeConnect
MessageBoxA
CreateIconIndirect
LoadImageA
DestroyIcon
GetIconInfo
LoadBitmapA
LoadIconA
GetDlgItem
CreateDialogParamA
CreateDialogIndirectParamA
RegisterClassA
UnregisterClassA
FlashWindow
SetWindowRgn
GetMenu
AdjustWindowRectEx
GetSystemMenu
EnableMenuItem
DrawMenuBar
IsIconic
IsZoomed
BringWindowToTop
InflateRect
GetUpdateRgn
GetSysColor
DdeQueryStringA
DdeUninitialize
GetSystemMetrics
GetWindowRect
GetDesktopWindow
ShowWindow
SetForegroundWindow
PostMessageA
SetMenu
EndPaint
DrawIcon
GetClientRect
CreateWindowExA
TrackPopupMenu
IsWindow
PtInRect
SetCursor
GetCapture
DestroyWindow
UnregisterHotKey
RegisterHotKey
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetActiveWindow
GetMenuItemCount
GetMenuItemInfoA
SystemParametersInfoA
GetMessageTime
GetWindow
BeginDeferWindowPos
EndDeferWindowPos
InvalidateRect
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeGetLastError
DdeInitializeA
DdeDisconnect
DdeClientTransaction
GetProcessWindowStation
GetUserObjectInformationW
wsprintfA
wvsprintfA
DrawFocusRect
DdePostAdvise
BeginPaint
GetUpdateRect
SendMessageA
PostQuitMessage
TranslateMessage
DispatchMessageA
PeekMessageA
ReleaseDC
GetDC
VkKeyScanA
GetAsyncKeyState
GetKeyState
DdeNameService
LoadCursorA
DdeCreateStringHandleA
FillRect
GetWindowLongA
SetWindowLongA
SetWindowPos
SetFocus
EnableWindow
SetCapture
ReleaseCapture
SetCursorPos
GetScrollInfo
SetScrollInfo
ScrollWindow
GetParent
WindowFromPoint
GetCursorPos
SetParent
RedrawWindow
UpdateWindow
ScreenToClient
ClientToScreen
MoveWindow
DeferWindowPos
DefWindowProcA
CallWindowProcA
IsWindowVisible
SetWindowTextA
GetFocus
IsWindowEnabled
GetMessageA
gdi32
LineTo
MoveToEx
SetTextColor
SetBkMode
CreatePen
CreateSolidBrush
SetBrushOrgEx
CreatePatternBrush
SetStretchBltMode
GetClipBox
ExtSelectClipRgn
ExtFloodFill
GetPixel
SetPixel
Polyline
PolyBezier
TextOutA
SetROP2
GetCharABCWidthsA
GetTextExtentExPointA
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
SetMapMode
GetBkColor
GetTextColor
SelectClipRgn
Arc
SetBkColor
Polygon
SetPolyFillMode
PolyPolygon
Rectangle
RoundRect
Ellipse
GetStockObject
MaskBlt
StretchBlt
StretchDIBits
ExtCreatePen
CreateHatchBrush
GetNearestPaletteIndex
CreatePalette
GetRgnBox
EqualRgn
PtInRegion
RectInRegion
CombineRgn
RestoreDC
SaveDC
CreateRectRgnIndirect
SetTextAlign
PatBlt
CreateICA
CreateDIBSection
GetDIBits
CreateDIBitmap
GetDIBColorTable
GetSystemPaletteEntries
EnumFontFamiliesExA
GetEnhMetaFileA
CopyEnhMetaFileA
DeleteEnhMetaFile
SetAbortProc
EndDoc
StartPage
EndPage
StartDocA
CreateDCA
CreateBitmap
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateCompatibleDC
GetPaletteEntries
GetObjectA
GetDeviceCaps
DeleteObject
CreateFontIndirectA
GetRegionData
ExtCreateRegion
OffsetRgn
ExcludeClipRect
CreateRectRgn
GetTextExtentPoint32A
SelectPalette
RealizePalette
GdiFlush
SelectObject
Pie
GetTextMetricsA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
comdlg32
PrintDlgA
ChooseColorA
ChooseFontA
PageSetupDlgA
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
EncryptFileA
FileEncryptionStatusA
DecryptFileA
GetUserNameA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
RegCloseKey
shell32
SHGetMalloc
ShellExecuteExA
ExtractIconExA
ExtractIconA
DragQueryFileA
SHGetPathFromIDListA
DragFinish
DragAcceptFiles
SHFileOperationA
SHChangeNotify
SHCreateDirectoryExA
DragQueryPoint
SHGetSpecialFolderLocation
ole32
RegisterDragDrop
OleSetClipboard
CoLockObjectExternal
RevokeDragDrop
OleInitialize
OleFlushClipboard
ReleaseStgMedium
OleGetClipboard
OleIsCurrentClipboard
OleUninitialize
CoCreateInstance
userenv
GetAllUsersProfileDirectoryA
iphlpapi
GetAdaptersInfo
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 644KB - Virtual size: 642KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 4.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 364KB - Virtual size: 363KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ