NEAS[.]f77f8e1e6188abe522ec9c0068e5a630_JC[.]exe

General

Target

NEAS.f77f8e1e6188abe522ec9c0068e5a630_JC.exe
Size

40KB
MD5

f77f8e1e6188abe522ec9c0068e5a630
SHA1

8b3f9ed56663105eefb825d5d12efba155f981ed
SHA256

2d95f910297384d46c43ed8847998aee522f8281cc0d475cf14026b55d39cb29
SHA512

c4a01868db13cd3ef14c18c9f5f9fbd885549bb27bc681504c218e61249053d8a351ac454592dc190c4121bd9869dc620bab6a8ef781aff430e717c55ffa7370
SSDEEP

768:vI2GoVRkF7+o6o8QTg7RiXlH8quyCYbB8ogU:jG2EqQ98qBcob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f77f8e1e6188abe522ec9c0068e5a630_JC.exe

Files

NEAS.f77f8e1e6188abe522ec9c0068e5a630_JC.exe
.exe windows:4 windows x86

a7111a2f12a1622eb8083695c68fc809

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
SystemTimeToFileTime
GetLocalTime
CreateEventA
GetTickCount
GetPrivateProfileStringA
GetModuleFileNameA
SetConsoleCursorPosition
SetConsoleWindowInfo
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
GetLargestConsoleWindowSize
SetConsoleMode
GetStdHandle
SetConsoleTitleA
FillConsoleOutputCharacterA
CreateFileA
CloseHandle
ScrollConsoleScreenBufferA
ReadFile
SetFilePointer
WriteConsoleOutputCharacterA
WaitForSingleObjectEx
ReadConsoleInputA
GetNumberOfConsoleInputEvents
WriteFile
GetLastError
CreateDirectoryA
SetEvent
ReadFileEx
WriteFileEx
HeapReAlloc
VirtualAlloc
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
SetStdHandle
FileTimeToSystemTime
GetCPInfo
GetStringTypeA
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeW
LCMapStringW
GetEnvironmentStringsW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetFileType
GetStartupInfoA
RtlUnwind
MultiByteToWideChar
LCMapStringA

ws2_32

ntohl
ntohs
connect
htonl
inet_addr
htons
WSAStartup
WSACleanup
WSASocketA
closesocket

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a7111a2f12a1622eb8083695c68fc809

Headers

File Characteristics

Imports

kernel32

ws2_32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB