NEAS[.]cd885f960066ddd538cd1bbd509a0ec0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.cd885f960066ddd538cd1bbd509a0ec0_JC.exe
Size

68KB
MD5

cd885f960066ddd538cd1bbd509a0ec0
SHA1

61204f18cde7d9a65482c12f192fac8cbd57437d
SHA256

acb4378a8963bf1393c9dd8b28d49c3946e039adc3e2ed82d4987597a2fb5af2
SHA512

18852e19d10e529d8beebfc781c06fd76a1448abb21b998eebbf5cb99674e111791125daf2700c9cc293e2ed8cd62e7ff3f9776567e8dc22a9d7321fe4a2997c
SSDEEP

1536:7ILPgVWqAyOqS/SEaxDtoYivvvvvvvvvvvvvvvvvvvvvax889z:7o64yOqSat53

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.cd885f960066ddd538cd1bbd509a0ec0_JC.exe

Files

NEAS.cd885f960066ddd538cd1bbd509a0ec0_JC.exe
.dll windows:10 windows x64

fda8ebdaf73bf681fd3c812423b1a3f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
__C_specific_handler
malloc
_vsnwprintf
free
_amsg_exit
_XcptFilter
memset

api-ms-win-core-libraryloader-l1-2-0

LoadStringW

oleaut32

SysFreeString
SysAllocString

api-ms-win-core-datetime-l1-1-1

GetTimeFormatW
GetDateFormatW

api-ms-win-core-com-l1-1-1

CoCreateInstance

api-ms-win-core-localization-l1-2-1

GetUserDefaultLCID

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessageVa

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-2-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-errorhandling-l1-1-1

UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-2

TerminateProcess
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-2-1

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-delayload-l1-1-1

DelayLoadFailureHook
ResolveDelayLoadedAPI

Exports

Exports

InternetErrorDlgEx

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wpp_sf
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fda8ebdaf73bf681fd3c812423b1a3f1

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

api-ms-win-core-libraryloader-l1-2-0

oleaut32

api-ms-win-core-datetime-l1-1-1

api-ms-win-core-com-l1-1-1

api-ms-win-core-localization-l1-2-1

api-ms-win-core-timezone-l1-1-0

api-ms-win-eventing-classicprovider-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-rtlsupport-l1-2-0

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-delayload-l1-1-1

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.wpp_sf Size: 512B - Virtual size: 153B

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 504B

.didat Size: 512B - Virtual size: 264B

.rsrc Size: 48KB - Virtual size: 47KB

.reloc Size: 512B - Virtual size: 164B

.text
Size: 9KB - Virtual size: 9KB

.wpp_sf
Size: 512B - Virtual size: 153B

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 504B

.didat
Size: 512B - Virtual size: 264B

.rsrc
Size: 48KB - Virtual size: 47KB

.reloc
Size: 512B - Virtual size: 164B