NEAS[.]1864547f57e52726abd2aa175b3470b0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1864547f57e52726abd2aa175b3470b0_JC.exe
Size

650KB
MD5

1864547f57e52726abd2aa175b3470b0
SHA1

5817615ff104fc319b5c29122b2e7721c171686b
SHA256

27a35989a9962471e9c5abc33f932c69a13195aa716492852c8dbb548a6393e3
SHA512

183d796c58e0e2609ec4f344cc457c54506486554c9d5d1dac9cb5b960edcdc39389f9beac16b05d22854e496757f747e7cb3efa76d6f3fcfe3e89a2990f79c7
SSDEEP

12288:pmLIkVK8b9KQBYbT/EuM3ZKO95F+DAo/h/E7Qw0K2mwObSQz0zC9k6v9Vzj3:IIWTKQFF+DAoZ/E792mwpzwvv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1864547f57e52726abd2aa175b3470b0_JC.exe

Files

NEAS.1864547f57e52726abd2aa175b3470b0_JC.exe
.exe windows:5 windows x86

bb76acb54c0aeb34686ca2f1b37aacc1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
PropertySheetA
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_Destroy
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Create
CreateToolbarEx

des_res

ord1

kernel32

SetEndOfFile
HeapReAlloc
HeapAlloc
LoadLibraryW
WriteConsoleW
GetStringTypeW
LCMapStringW
FlushFileBuffers
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
ExitProcess
MultiByteToWideChar
GetProcessHeap
GetConsoleCP
WideCharToMultiByte
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
HeapFree
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
RtlUnwind
DeleteFileA
GetTickCount
GetCurrentDirectoryA
SetCurrentDirectoryA
GetSystemDirectoryA
FindFirstFileA
FindNextFileA
GetLastError
FindClose
Sleep
HeapSize
WriteFile
GetFileSize
LocalReAlloc
SetFilePointer
CreateFileA
CloseHandle
ReadFile
WinExec
LocalAlloc
LocalFree
GetPrivateProfileIntA
GetPrivateProfileStringA
GetModuleFileNameA
GetCommandLineA
WritePrivateProfileStringA
GetEnvironmentVariableA
LoadLibraryA
GetProcAddress
FreeLibrary
RaiseException
CreateFileW
GetConsoleMode

user32

CallWindowProcA
PtInRect
SetTimer
GetCapture
SetClassLongA
GetSysColor
FlashWindow
GetFocus
SetScrollRange
AppendMenuA
CreatePopupMenu
GetDesktopWindow
GetCursorPos
OffsetRect
CharNextA
SetCursorPos
GetMenuItemID
CharPrevA
GetQueueStatus
PeekMessageA
GetDialogBaseUnits
GetSystemMetrics
CreateWindowExA
SetRectEmpty
CopyRect
SetDlgItemTextA
GetParent
InvertRect
EnableWindow
ScreenToClient
SetWindowPos
GetMenuItemCount
SetDlgItemInt
GetDlgItem
GetDlgItemInt
SendDlgItemMessageA
SetWindowLongA
EndDialog
GetDlgItemTextA
RemoveMenu
InsertMenuA
DrawMenuBar
LoadStringA
CheckMenuItem
EnableMenuItem
PostQuitMessage
CreateDialogParamA
DestroyWindow
DialogBoxParamA
ModifyMenuA
SetScrollPos
LoadMenuA
ClientToScreen
GetSubMenu
TrackPopupMenu
DestroyMenu
ClipCursor
MessageBeep
GetWindowRect
GetWindowLongA
GetAsyncKeyState
GetMenu
LoadImageA
LoadBitmapA
SetFocus
SendMessageA
DefWindowProcA
KillTimer
SetCursor
GetDC
ReleaseDC
SetCapture
GetClientRect
ReleaseCapture
MoveWindow
UpdateWindow
InvalidateRect
BeginPaint
EndPaint
GetKeyState
FindWindowA
SetForegroundWindow
BringWindowToTop
ShowWindow
LoadIconA
LoadCursorA
RegisterClassA
LoadAcceleratorsA
PostMessageA
CharLowerA
GetMessageA
IsWindow
IsDialogMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
MessageBoxA
GetMenuState

gdi32

SelectObject
RealizePalette
SelectPalette
DeleteObject
TextOutA
SetTextColor
PatBlt
Rectangle
CreateSolidBrush
GetStockObject
LineTo
MoveToEx
PolyDraw
SetROP2
Ellipse
SetBkColor
CreatePen
InvertRgn
CreatePolygonRgn
CreateHatchBrush
PtInRegion
CreatePalette
GetDeviceCaps
CreateFontA
GetTextMetricsA
CreateCompatibleBitmap
GetObjectA
DeleteDC
BitBlt
SetBkMode
CreateCompatibleDC

comdlg32

ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

shell32

ShellExecuteA

Sections

.text
Size: 572KB - Virtual size: 571KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 866KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb76acb54c0aeb34686ca2f1b37aacc1

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

des_res

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 572KB - Virtual size: 571KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 26KB - Virtual size: 866KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 572KB - Virtual size: 571KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 26KB - Virtual size: 866KB

.rsrc
Size: 1KB - Virtual size: 1KB