NEAS[.]3f14a1d219d5e0dfd422b956be9afd00_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.3f14a1d219d5e0dfd422b956be9afd00_JC.exe
Size

376KB
MD5

3f14a1d219d5e0dfd422b956be9afd00
SHA1

53ed033ad43ebc18733c64aa19ebc434a60c2dde
SHA256

066d0193b48e3681fd7f645cc246b64c20588d77fc20018ec6fdc40858db200a
SHA512

7ce77e45753c4deb0e22c6f332d8ceec514c681adee4f86cf591c71c244008a05132529defeee44ede04906af230639a4fdf6a3d7d400b84cb9a65c56cb8cbdf
SSDEEP

6144:AQGsMQN0De/okXDaph0vJgH6NfNHfkbmHya:AQGuCe/oaD+myO1sa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3f14a1d219d5e0dfd422b956be9afd00_JC.exe

Files

NEAS.3f14a1d219d5e0dfd422b956be9afd00_JC.exe
.exe windows:5 windows x86

a5172bde6137239cca0773f01db5a84b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MulDiv
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
RaiseException
SetCurrentDirectoryW
HeapReAlloc
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
VirtualProtect
VirtualQuery
WriteFile
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalFree
GlobalAlloc
GetWindowsDirectoryW
GetVersionExW
GetVersionExA
GetVersion
GetUserDefaultUILanguage
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetStartupInfoW
GetProcessHeap
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLongPathNameW
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileTime
GetFileSize
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCommandLineW
GetAtomNameW
FreeLibrary
FormatMessageW
FlushInstructionCache
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FindAtomW
ExpandEnvironmentStringsW
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
DeleteAtom
CreateProcessW
CreateFileW
CreateDirectoryW
CompareStringW
CloseHandle
AddAtomW
VirtualAlloc
ReadFile
lstrcatA
GetSystemDirectoryA
CreateFileA
GetTickCount
GetModuleHandleA
GetCommandLineA
SetLastError
ExitProcess

user32

GetClientRect
GetCursorPos
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessagePos
GetMessageTime
GetMonitorInfoW
GetNextDlgTabItem
GetParent
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetWindow
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringW
InflateRect
InsertMenuW
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadCursorW
LoadImageW
LoadMenuW
LoadStringW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MonitorFromPoint
MoveWindow
NotifyWinEvent
OffsetRect
PeekMessageW
PostMessageA
PostMessageW
PtInRect
RedrawWindow
RegisterClassExW
RegisterWindowMessageW
ReleaseCapture
ScreenToClient
SendMessageA
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCapture
SetClipboardViewer
SetCursor
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemInfoW
SetParent
SetRect
SetRectEmpty
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutW
TrackPopupMenuEx
TranslateAcceleratorW
UnhookWindowsHookEx
UnionRect
WinHelpW
wsprintfW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
FindWindowExW
FillRect
EqualRect
EnumThreadWindows
EnumChildWindows
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DestroyWindow
DestroyMenu
DestroyIcon
DestroyAcceleratorTable
DeleteMenu
DeferWindowPos
DefWindowProcW
CreateWindowExW
CreatePopupMenu
CreateIconIndirect
CreateAcceleratorTableW
CopyRect
CopyImage
CopyIcon
ClientToScreen
ChildWindowFromPointEx
CharUpperW
CharNextW
CharLowerW
ChangeClipboardChain
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginDeferWindowPos
AppendMenuW
AdjustWindowRectEx
LoadIconW
UpdateWindow
TranslateMessage
ShowWindow
SetMenu
ReleaseDC
RegisterClassExA
PostQuitMessage
LoadMenuA
LoadIconA
LoadCursorA
LoadBitmapA
GetSystemMetrics
GetMessageA
GetDC
EndPaint
DispatchMessageA
DefWindowProcA
CreateWindowExA
BeginPaint
GetClassNameW

gdi32

Escape
ExtTextOutA
ExtTextOutW
FillRgn
GetBrushOrgEx
GetDIBits
GetDeviceCaps
GetLayout
GetObjectA
GetObjectW
GetPixel
GetStockObject
GetTextExtentPoint32W
GetTextMetricsW
LPtoDP
OffsetRgn
DeleteObject
PlayEnhMetaFile
PtInRegion
PtVisible
RealizePalette
RectVisible
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetLayout
SetStretchBltMode
SetTextAlign
SetTextColor
StretchBlt
StretchDIBits
TextOutW
DeleteEnhMetaFile
CreateSolidBrush
CreateRectRgn
CreatePolygonRgn
CreatePatternBrush
CreateHalftonePalette
CreateFontIndirectW
CreateDIBSection
CreateDIBPatternBrushPt
CreateCompatibleBitmap
SelectObject
DeleteDC
CreateCompatibleDC
PatBlt
BitBlt

advapi32

TraceEvent
RegisterTraceGuidsW
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegCloseKey
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegOpenKeyA
UnregisterTraceGuids

msvcrt

_CxxThrowException
_XcptFilter
__CxxFrameHandler
__RTDynamicCast
__argc
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wargv
__wgetmainargs
_adjust_fdiv
_c_exit
_callnewh
_cexit
_controlfp
_except_handler3
_exit
_initterm
_iob
_itow
_ltow
_mbslen
_mbsnbcnt
_onexit
_purecall
_snwprintf
_ultow
_vsnwprintf
_wcmdln
_wcsicmp
_wcsnicmp
_wtoi
atoi
exit
free
fwrite
iswspace
malloc
memmove
qsort
realloc
strtol
swprintf
swscanf
wcschr
wcscmp
wcscpy
wcslen
wcsncmp
wcsncpy
wcsrchr
wcsstr
wcstol
wcstoul

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a5172bde6137239cca0773f01db5a84b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 180KB - Virtual size: 180KB

.rdata2 Size: 16KB - Virtual size: 16KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 148KB - Virtual size: 148KB

Size: 12KB - Virtual size: 12KB

.text
Size: 180KB - Virtual size: 180KB

.rdata2
Size: 16KB - Virtual size: 16KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 148KB - Virtual size: 148KB