NEAS[.]749a9c3e4b0c1519d73e636248ef1500_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.749a9c3e4b0c1519d73e636248ef1500_JC.exe
Size

397KB
MD5

749a9c3e4b0c1519d73e636248ef1500
SHA1

644ed4727fb93e0de16911381f1a25312f4517b4
SHA256

a8d7ba70e3f8e652e044fcd69bfb550e745146ff69b44d9dfde6245ed1849850
SHA512

e303a4660cda869529a3b8e5780a13d61955e5cd48fb9ca3b59b4e441f20984ec647c7e36ffda42cce3d6ce569f5de3524f2326d672fdf800d218f681a20d465
SSDEEP

6144:AywngHq9nK0nBtFWPzZhvV9kWscyMzX58HrjY7KsPp1yIfrA6xdB:YngKTcbB9OrY7Ks/y6rA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.749a9c3e4b0c1519d73e636248ef1500_JC.exe

Files

NEAS.749a9c3e4b0c1519d73e636248ef1500_JC.exe
.dll windows:6 windows x86

4769011746865c391dd34725f1f71cb8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCurrentThreadId
CreateProcessA
GetLastError
FormatMessageA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead

vcruntime140

memset
longjmp
memcpy
_setjmp3
strchr
strrchr
_except_handler4_common
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

fclose
fflush
__acrt_iob_func
__stdio_common_vfprintf
fopen
setvbuf
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

strlen
strncmp
strtok_s
strncpy
strcmp
strcpy
_strdup
isdigit
strcat

api-ms-win-crt-utility-l1-1-0

abs

api-ms-win-crt-runtime-l1-1-0

abort
_initialize_onexit_table
exit
_getpid
_configure_narrow_argv
_initterm_e
_sleep
_errno
_initterm
strerror
_register_onexit_function
_initialize_narrow_environment
_seh_filter_dll
_crt_atexit
_cexit
_execute_onexit_table

api-ms-win-crt-convert-l1-1-0

strtol
atol

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-filesystem-l1-1-0

_access

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-time-l1-1-0

_time64
_localtime64
strftime

Exports

Exports

_Agent_OnLoad@12
_Agent_OnUnload@4

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4769011746865c391dd34725f1f71cb8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 248KB - Virtual size: 248KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 248KB - Virtual size: 248KB