NEAS[.]7ef6c3d941f2d4931bf81f973dd14800_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.7ef6c3d941f2d4931bf81f973dd14800_JC.exe
Size

94KB
MD5

7ef6c3d941f2d4931bf81f973dd14800
SHA1

8ac6332e2997ab65fe7001e1bfb6b5338b0ca8d4
SHA256

6ed09d7f42a3cae9efaf5af76063f662bbbe4fbe12381da661ff1d6b952e3155
SHA512

944125a1519da348b9d80527ffc0cfe8a0060d98da2343305616e0f538b59ad86c8d707921b669d6fb35a1d0c953a4c89c9a2e8f7ece93a5eb9ef404c7af1415
SSDEEP

1536:j4Gbj42fbknCARfDAIw+/GOs2M0JpvazuHTBZTqrFJfdadgiIb5:UGbE4bqxRf0IrRs23pSKHTrwFrQub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.7ef6c3d941f2d4931bf81f973dd14800_JC.exe

Files

NEAS.7ef6c3d941f2d4931bf81f973dd14800_JC.exe
.dll windows:4 windows x86

edf223d4e5f560f2550f852abe58ceab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
WideCharToMultiByte
FlushInstructionCache
GetCurrentProcess
CreateEventA
CloseHandle
ResetEvent
MulDiv
MultiByteToWideChar
GetFileAttributesA
lstrlenW
GetFileAttributesW
GetVersion
WritePrivateProfileStringA
GetPrivateProfileIntA
GetProcAddress
GetModuleHandleA
DisableThreadLibraryCalls
lstrcatA
lstrcpyA
GetModuleFileNameA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
FindResourceA
SizeofResource
LockResource
LoadResource
ReadFile
Sleep
DeleteFileW
GetFileSize
SetEndOfFile
SetFilePointer
WriteFile
CreateFileW

user32

SetWindowLongA
EndDialog
DestroyWindow
wsprintfA
DialogBoxParamA
GetDlgItem
SendMessageA

ole32

CoTaskMemAlloc
CoTaskMemFree

msvcrt

_wcsicmp
_purecall
??3@YAXPAX@Z
free
memcmp
malloc
strlen
memcpy
realloc
wcsstr
memset
??2@YAPAXI@Z
_mbsrchr
__CxxFrameHandler
wcslen
_ftol
memmove
wcscpy
strncmp
_CxxThrowException
calloc
_initterm
_adjust_fdiv
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ

Exports

Exports

_FillWaveFormatEx@16
_FillWaveHeader@16
ttpGetSoundAddIn

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edf223d4e5f560f2550f852abe58ceab

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 76KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 77KB - Virtual size: 76KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB