NEAS[.]e34dfd1165ac4e9cba534caa029f3b20_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e34dfd1165ac4e9cba534caa029f3b20_JC.exe
Size

396KB
MD5

e34dfd1165ac4e9cba534caa029f3b20
SHA1

1acd350ee2c57a5873ab2fa43e870ee00dd5a09e
SHA256

aac73f8e4d45b2671a80d2691ca1bc7fe146557a8185002af2287f65799ebd20
SHA512

0140f69c1dd30115215c92d4b21f2ba72f8b24b114ca68769c27db924bb5dcb13f96734feb6f1cee3bd277111a8773ecb5ec44b7387abd097b87650ce481d5c1
SSDEEP

6144:T5IsrYeyXa+hIRDuz1IUA+uOLumojmLGLPvEFmm/6i7dMNKV:9IsrYeyK+hIdCIN1KYGr/6FK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e34dfd1165ac4e9cba534caa029f3b20_JC.exe

Files

NEAS.e34dfd1165ac4e9cba534caa029f3b20_JC.exe
.exe windows:4 windows x86

b7fdbcebb456baf7cf8ce2618ae82956

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileA
DragAcceptFiles
DragFinish

user32

GetClassNameA
IsWindow
DispatchMessageA
TranslateMessage
PeekMessageA
MoveWindow
SetRect
SetWindowWord
UpdateWindow
GetWindowWord
RegisterClassA
CreateDialogIndirectParamA
DialogBoxIndirectParamA
CreateWindowExA
InvalidateRect
DestroyWindow
ShowWindow
CreateDialogParamA
EnumChildWindows
CallWindowProcA
GetCursorPos
SetCursorPos
LoadCursorA
SetCursor
GetActiveWindow
CharUpperA
CharToOemA
EnumWindows
GetLastActivePopup
PostMessageA
GetPropA
SetWindowsHookA
LoadStringA
DialogBoxParamA
UnhookWindowsHook
SetWindowTextA
GetWindowTextA
LoadIconA
GetWindowLongA
SetWindowLongA
SendMessageA
SetPropA
GetDlgItem
SendDlgItemMessageA
CheckRadioButton
EnableWindow
OemToCharA
SetActiveWindow
GetDlgItemTextA
SetFocus
BringWindowToTop
SetForegroundWindow
EndDialog
DestroyIcon
RemovePropA
GetSysColor
GetClientRect
BeginPaint
EndPaint
DefWindowProcA
SetDlgItemTextA
SetWindowPos
wsprintfA
MessageBoxA
SystemParametersInfoA
GetSystemMetrics
GetWindowRect

kernel32

Sleep
SetEndOfFile
LeaveCriticalSection
EnterCriticalSection
SetStdHandle
GetOEMCP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapReAlloc
GetModuleHandleA
DeleteFileA
GetSystemTimeAsFileTime
GetConsoleMode
GetConsoleCP
WriteFile
HeapCompact
InterlockedDecrement
InterlockedIncrement
SetFilePointer
ReadFile
RaiseException
RtlUnwind
GetFileType
GetStartupInfoA
lstrcpyA
lstrlenA
WinExec
GlobalDeleteAtom
GlobalGetAtomNameA
InitializeCriticalSection
IsBadReadPtr
GetVersionExA
GetModuleFileNameA
FreeLibrary
GetACP
GetProcAddress
LoadLibraryA
SetErrorMode
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
GetTickCount
CloseHandle
GetFileSize
CreateFileA
GlobalAddAtomA
GetVersion
lstrcatA
SetCurrentDirectoryA
LocalFree
FormatMessageA
GetLastError
GlobalMemoryStatus
GetLocalTime
GetVolumeInformationA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
GlobalSize
GlobalHandle
GetPrivateProfileIntA
GetPrivateProfileStringA
ExitProcess
FileTimeToSystemTime
DosDateTimeToFileTime
GetSystemTime
SystemTimeToFileTime
SetEnvironmentVariableA
GetDateFormatA
GetTimeFormatA
WideCharToMultiByte
GetFullPathNameA
GetShortPathNameA
FindClose
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
VirtualAlloc
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetDriveTypeA
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
GetCurrentDirectoryA
GetLocaleInfoW
FlushFileBuffers
CompareStringA
CompareStringW
IsBadWritePtr
FileTimeToDosDateTime
GetCommandLineA

gdi32

SetTextColor
SetTextAlign
GetBkColor
GetTextExtentPoint32A
ExtTextOutA
CreateDCA
GetDeviceCaps
CreateFontIndirectA
DeleteDC
CreatePen
SelectObject
MoveToEx
LineTo
DeleteObject
SetBkColor

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegEnumValueA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7fdbcebb456baf7cf8ce2618ae82956

Headers

File Characteristics

Imports

shell32

user32

kernel32

gdi32

comdlg32

advapi32

version

ole32

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 8KB - Virtual size: 242KB

.rsrc Size: 148KB - Virtual size: 147KB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 242KB

.rsrc
Size: 148KB - Virtual size: 147KB