NEAS[.]75ae890c01f27358359220f773ccd6d0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.75ae890c01f27358359220f773ccd6d0_JC.exe
Size

230KB
MD5

75ae890c01f27358359220f773ccd6d0
SHA1

bfa9a0809b59394cb86fdfcf4f28c581c50e55f1
SHA256

9c8b43a75233aa96f0d5e709788f277c72c0ceab8c1abc374c45bb3ed13eb7db
SHA512

094729f26e2776fca98a55d9fc5840e12788bb0ecbc49d128b4cf9875cab056c4c5fb7fa0fe43b54ba076244200c11ece70f7007144f60d14be0c8c3330cda49
SSDEEP

6144:gw/atBiTsK1uMrPHBV+UdvrEFp7hKGCrZ:gw4BiAK1uEBjvrEH7ZC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.75ae890c01f27358359220f773ccd6d0_JC.exe

Files

NEAS.75ae890c01f27358359220f773ccd6d0_JC.exe
.dll windows:5 windows x86

776797ef1c0a6718157f8b9a07b0f0c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetCurrentThreadId
DecodePointer
GetCommandLineA
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetTimeZoneInformation
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
HeapCreate
HeapDestroy
LCMapStringW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
SetFilePointer
EnterCriticalSection
GetSystemTimeAsFileTime
Sleep
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WriteFile
GetModuleFileNameW
IsProcessorFeaturePresent
ReadFile
CloseHandle
RtlUnwind
GetStringTypeW
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryW
CreateFileA
WriteConsoleW
HeapSize
SetEndOfFile
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
CreateFileW
HeapFree
MultiByteToWideChar
LeaveCriticalSection
GetLastError

advapi32

CryptGenRandom
CryptReleaseContext
CryptAcquireContextA

Exports

Exports

ECCGenerateKeys
WLGenLicenseDynSmartKey
WLGenLicenseDynSmartKeyW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

776797ef1c0a6718157f8b9a07b0f0c2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 7KB - Virtual size: 22KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 7KB - Virtual size: 22KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB