NEAS[.]f6fd6ad5f56bc6b669167d99cc480670_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.f6fd6ad5f56bc6b669167d99cc480670_JC.exe
Size

60KB
MD5

f6fd6ad5f56bc6b669167d99cc480670
SHA1

9fc6d68fbcdbdfde12a413ad4b33ce633bbcae27
SHA256

c550fa39f4958ce91ed1c1101279b80feb6e464e45d91e1167558e322d61a1f2
SHA512

4df0eda906d69265209f9e43557e4ba55ee542f438bd62d8b5a402d976001b1a24aca15f605657b2165f78807cbfcb5d2503a70f24ab144e6f63e3db39e6887a
SSDEEP

1536:eQZU1cfMvRERrzwUnU9CdNpXkhJ/30FmsVM8IfWh:bNMvRERrzwiNpAJ/WCfA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.f6fd6ad5f56bc6b669167d99cc480670_JC.exe

Files

NEAS.f6fd6ad5f56bc6b669167d99cc480670_JC.exe
.dll regsvr32 windows:4 windows x86

395085292b38c9a818b2ff274be8cfbb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
RemoveDirectoryA
GetShortPathNameA
GetWindowsDirectoryA
MoveFileExA
CopyFileA
FreeLibrary
GetProcAddress
SetFileAttributesA
GetModuleFileNameA
LoadLibraryExA
SetErrorMode
CreateDirectoryA
SetCurrentDirectoryA
GetSystemDirectoryA
FindNextFileA
GetEnvironmentVariableA
FindFirstFileA
FindClose
GetVersionExA

user32

MessageBoxA
LoadStringA

advapi32

RegCloseKey
RegOpenKeyA

shell32

ShellExecuteA
SHChangeNotify

ole32

CoInitialize
CoUninitialize
OleUninitialize
OleInitialize

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shlwapi

SHDeleteValueA
SHGetValueA
StrStrIA
SHSetValueA
SHDeleteKeyA

msvcrt

fgets
_strnicmp
fseek
fprintf
fclose
malloc
free
_snprintf
_stricmp
fopen
strrchr
rewind
??3@YAXPAX@Z
__CxxFrameHandler
_initterm
_adjust_fdiv

Exports

Exports

DllRegisterServer
DllUnregisterServer
InstDVDCodes
InstDVDCodesEx
IsInstMPCCodes
MPAddExtShell
RepairFileExtShell

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

395085292b38c9a818b2ff274be8cfbb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

version

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 20KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 20KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB