NEAS[.]2dfdaf30d6d7c34fd3f9648d2a4f8120_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2dfdaf30d6d7c34fd3f9648d2a4f8120_JC.exe
Size

4.9MB
MD5

2dfdaf30d6d7c34fd3f9648d2a4f8120
SHA1

0d1d9a095a028ef6713b6d713eee1f9af2adb8e4
SHA256

da9b2963e215815e6501aaa5d5d0c4d939476fbf2f57db6da32e454b19e181cf
SHA512

343f548161e83dec8fdfb4fdd57a2dfacf1d282b2629c9f7981f287b2b8beea23b47e3a8b6aeae99724c8fdc524ebacf63abb597bbacaff4ca0d87a72de62e22
SSDEEP

98304:Cf42nbCkcJUxskB0biWm4GUKuQakKdm8TrBWJkh430Uvd:GvCkuVkB0uL4GUTQakO80qd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2dfdaf30d6d7c34fd3f9648d2a4f8120_JC.exe

Files

NEAS.2dfdaf30d6d7c34fd3f9648d2a4f8120_JC.exe
.exe windows:4 windows x86

dafa6595ae7014aaa57b1ddff2f7af71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

mpr

WNetCloseEnum

comctl32

ImageList_GetIconSize
InitCommonControlsEx

kernel32

LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockFile
LockResource
lstrcmpA
lstrcmpiA
lstrcmpW
lstrcpyA
lstrlenA
lstrlenW
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
RaiseException
ReadFile
ResumeThread
SearchPathA
IsProcessorFeaturePresent
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringA
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
HeapSize
HeapReAlloc
HeapFree
HeapCreate
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalGetAtomNameA
GlobalFree
GlobalFlags
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetWindowsDirectoryA
GetVolumeInformationA
LoadLibraryW
GetTimeZoneInformation
GetThreadLocale
GetTempPathA
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetProfileIntA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetNumberFormatA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetFullPathNameA
GetFileType
GetFileTime
GetFileAttributesExA
GetFileAttributesA
GetEnvironmentStringsW
GetCurrentThread
GetCurrentProcess
GetCurrentDirectoryA
GetCPInfo
GetConsoleMode
GetConsoleCP
GetACP
FreeResource
FreeEnvironmentStringsW
FormatMessageA
FlushFileBuffers
FindResourceW
FindResourceExW
FindResourceA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitThread
ExitProcess
DuplicateHandle
DeleteFileA
DeleteCriticalSection
CreateThread
CreateFileW
CreateFileA
CreateEventA
CopyFileA
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
GetStartupInfoA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryA
GetProcAddress
MulDiv
LoadLibraryExA
LCMapStringW
GetVersionExA
IsValidCodePage
SetCurrentDirectoryA

user32

IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadAcceleratorsW
LoadBitmapW
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
LoadImageA
LoadImageW
LoadMenuA
LoadMenuW
LockWindowUpdate
MapDialogRect
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemBitmaps
SetParent
SetPropA
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoA
TabbedTextOutA
ToAsciiEx
TrackPopupMenu
TranslateAcceleratorA
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WaitMessage
WinHelpA
VkKeyScanA
IsWindowEnabled
IsWindow
IsRectEmpty
IsMenu
IsIconic
IsDialogMessageA
IsClipboardFormatAvailable
IsChild
IsCharLowerA
InvertRect
InvalidateRgn
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
HideCaret
GrayStringA
GetWindowThreadProcessId
GetWindowTextLengthA
GetWindowTextA
GetWindowRgn
GetWindowRect
GetWindowPlacement
GetWindowLongA
GetWindowDC
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageTime
GetMessagePos
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetMenuCheckMarkDimensions
GetLastActivePopup
GetKeyNameTextA
GetKeyboardState
GetKeyboardLayout
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
ReuseDDElParam
UnpackDDElParam
GetCursorPos
GetClassNameA
GetClassLongA
GetClassInfoExA
GetClassInfoA
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FillRect
EqualRect
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExA
DrawTextA
DrawStateA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyAcceleratorTable
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateDialogIndirectParamA
CreateAcceleratorTableA
CopyRect
CopyImage
CopyIcon
CopyAcceleratorTableA
CloseClipboard
ClientToScreen
CheckMenuItem
CheckDlgButton
CharUpperBuffA
CharUpperA
CharNextA
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AppendMenuA
AdjustWindowRectEx
GetKeyState
GetDialogBaseUnits
SystemParametersInfoW
CreateWindowExW
SendMessageW
GetClientRect
GetParent

gdi32

GetDeviceCaps
GetMapMode
GetNearestPaletteIndex
GetObjectA
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LineTo
LPtoDP
MoveToEx
OffsetRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
Polyline
PtInRegion
GetBkColor
ExcludeClipRect
Rectangle
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetDIBColorTable
SetMapMode
SetPaletteEntries
SetPixelV
SetPolyFillMode
SetRectRgn
SetROP2
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt
Escape
EnumFontFamiliesExA
EnumFontFamiliesA
Ellipse
DPtoLP
DeleteObject
GetClipBox
RealizePalette
GetBoundsRect
CopyMetaFileA
CombineRgn
FrameRgn
FillRgn
ExtTextOutA
ExtSelectClipRgn
BitBlt
PtVisible
CreateFontIndirectW
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreatePolygonRgn
CreatePen
CreatePatternBrush
CreatePalette
CreateHatchBrush
CreateFontIndirectA
CreateEllipticRgn
CreateDIBSection
CreateDIBitmap
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
ExtFloodFill

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

comdlg32

GetFileTitleA

advapi32

RegQueryValueExA
RegQueryValueA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

DragQueryFileA
ShellExecuteA
DragFinish

ole32

OleIsCurrentClipboard
OleLockRunning
OleTranslateAccelerator
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
OleInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoLockObjectExternal
CoGetClassObject
CoFreeUnusedLibraries
CoCreateInstance
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
OleGetClipboard
OleDuplicateData
OleDestroyMenuDescriptor
IsAccelerator
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
DoDragDrop

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA

msvcrt

__set_app_type
_controlfp
__p__commode
_adjust_fdiv
__p__fmode
_acmdln
_except_handler3
__setusermatherr
_initterm
__getmainargs
exit
_XcptFilter
_exit

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.atls2
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 808KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ll10303
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dafa6595ae7014aaa57b1ddff2f7af71

Headers

File Characteristics

Imports

winmm

imm32

mpr

comctl32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 4.0MB

.atls2 Size: 8KB - Virtual size: 4KB

.rsrc Size: 808KB - Virtual size: 804KB

ll10303 Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 4.0MB

.atls2
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 808KB - Virtual size: 804KB

ll10303
Size: 1.8MB - Virtual size: 1.8MB