NEAS[.]0e047778907d5122f4339e57f735a0b0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0e047778907d5122f4339e57f735a0b0_JC.exe
Size

921KB
MD5

0e047778907d5122f4339e57f735a0b0
SHA1

3b28de42017357cacbec026de02d12bd485fef7e
SHA256

afb6bb83e9d92e5876bedbf07fc26d300c40efbc264dc0b4bab8abf909b90a2b
SHA512

0fedcd2667b69de29cec0a869e44701cbdbf98479542fe52ef32cc41ec17bd8be8f0cdcee66d8c793d1b5499132a5e55785fe0dc701b1061e4537574fd44646f
SSDEEP

12288:xxaa2SWyQozhH+xKzultF/71H8XEMTBDSfjooohzzz1VNDs7/l+VB6iPpeqxqufO:nXh6KzuH9VCE4xzzz17c/KVuKE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0e047778907d5122f4339e57f735a0b0_JC.exe

Files

NEAS.0e047778907d5122f4339e57f735a0b0_JC.exe
.exe windows:5 windows x86

62bff78fd99a61edc50d6b2022b21ffe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExW
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
LoadLibraryExW
GetCurrentProcessId
lstrcmpW
WaitForSingleObject
CreateThread
HeapDestroy
HeapCreate
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetModuleFileNameA
GetStdHandle
HeapSize
HeapReAlloc
VirtualAlloc
VirtualFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
TlsFree
TlsSetValue
TlsAlloc
EnterCriticalSection
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetLastError
FormatMessageW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringW
HeapFree
HeapAlloc
lstrlenW
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetLastError
GetTickCount
SetFilePointer
FreeLibrary
GetProcessHeap
InterlockedCompareExchange
IsProcessorFeaturePresent
GetModuleHandleW
LoadLibraryW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetProcAddress
GetModuleFileNameW
GetSystemTime
GetWindowsDirectoryW
GetFileTime
GetEnvironmentStringsW
FileTimeToSystemTime
GetFileSize
ReadFile
GetSystemDirectoryW
CreateFileW
WriteFile
CloseHandle
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
TlsGetValue
RaiseException

user32

CheckMenuRadioItem
RemoveMenu
CreatePopupMenu
LoadStringA
PostQuitMessage
InsertMenuW
AppendMenuW
DeleteMenu
TranslateAcceleratorW
SetMenuDefaultItem
AdjustWindowRectEx
MessageBoxW
KillTimer
SetTimer
SetWindowPlacement
SetMenu
GetMenu
SetWindowTextW
GetSubMenu
PtInRect
IsMenu
SetWindowsHookExW
GetClassNameW
OffsetRect
GetKeyState
CharLowerW
UnhookWindowsHookEx
InflateRect
RegisterWindowMessageW
GetSysColorBrush
GetSysColor
GetWindowDC
TrackPopupMenuEx
GetMessagePos
WindowFromPoint
MessageBeep
FrameRect
ModifyMenuW
DrawEdge
MonitorFromPoint
GetMonitorInfoW
DialogBoxParamW
SetDlgItemTextW
DrawFrameControl
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
DrawTextW
FillRect
GetActiveWindow
IsWindowEnabled
ScreenToClient
LoadMenuW
LoadAcceleratorsW
DestroyMenu
GetWindowRect
CallWindowProcW
GetDlgItemTextW
EndDialog
GetWindow
MonitorFromWindow
GetDlgItem
GetCapture
ReleaseCapture
GetCursorPos
DrawFocusRect
GetDlgCtrlID
SetCapture
GetWindowTextLengthW
SystemParametersInfoW
GetWindowTextW
GetClassInfoExW
LoadImageW
RegisterClassExW
CharNextW
GetMessageW
GetForegroundWindow
GetAsyncKeyState
CallNextHookEx
SetRectEmpty
LoadStringW
GetParent
GetDC
ReleaseDC
InvalidateRect
SetCursor
DestroyWindow
BringWindowToTop
MapWindowPoints
ChangeClipboardChain
IsWindowVisible
ShowWindow
IsWindow
GetClassInfoW
LoadCursorW
RegisterClassW
CreateWindowExW
SetClipboardViewer
GetWindowLongW
SetWindowLongW
BeginPaint
EndPaint
DefWindowProcW
GetClipboardOwner
GetWindowThreadProcessId
OpenClipboard
EmptyClipboard
CloseClipboard
PostMessageW
SendMessageW
GetFocus
SetRect
SetWindowPos
UpdateWindow
SetFocus
GetClientRect
GetSystemMetrics
wsprintfW
PeekMessageW
TranslateMessage
DispatchMessageW
GetWindowPlacement
UnregisterClassA

gdi32

SetBkColor
CreateDIBSection
CreatePatternBrush
CreateBitmap
PatBlt
SetBrushOrgEx
GetObjectW
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateFontW
GetTextExtentPointW
CreatePen
CreateSolidBrush
Rectangle
SetBkMode
SetTextColor
TextOutW
BitBlt
DeleteDC
GetStockObject
DeleteObject

advapi32

RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW

shell32

ShellExecuteW

ole32

CoTaskMemFree
CoDisconnectObject
OleGetAutoConvert
CreateILockBytesOnHGlobal
StgCreateDocfile
WriteClassStg
CoCreateInstance
CoTaskMemRealloc
CoUninitialize
StgOpenStorageOnILockBytes
CoInitialize
CoTaskMemAlloc

oleaut32

SetErrorInfo
VarUI4FromStr
CreateErrorInfo
SystemTimeToVariantTime
VariantClear
SysAllocString
SysFreeString
VariantTimeToSystemTime

shlwapi

PathFileExistsW

comctl32

ImageList_Destroy
ImageList_GetImageCount
ImageList_Draw
ImageList_DrawIndirect
_TrackMouseEvent
InitCommonControlsEx
ImageList_LoadImageW

wininet

HttpOpenRequestW
InternetCloseHandle
InternetConnectW
InternetOpenW
InternetGetConnectedState
InternetReadFile
HttpSendRequestW

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 708KB - Virtual size: 707KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62bff78fd99a61edc50d6b2022b21ffe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

wininet

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 10KB - Virtual size: 17KB

.rsrc Size: 708KB - Virtual size: 707KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 10KB - Virtual size: 17KB

.rsrc
Size: 708KB - Virtual size: 707KB

.reloc
Size: 13KB - Virtual size: 13KB