NEAS[.]54d1eacc0d3aff672b1df24c7b9b1080_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.54d1eacc0d3aff672b1df24c7b9b1080_JC.exe
Size

218KB
MD5

54d1eacc0d3aff672b1df24c7b9b1080
SHA1

05b1d46ed5173d60b071d723ef5a0649d1fa3424
SHA256

2197947236ac77384385c5496cc68aaeeb0278006c2b390919ef2fe2d7bdc49f
SHA512

9a51e04bd2b2d2eb271f8e48c92a56e15e1f354b526060464e95d97580cbb212affbca67cf236ed22f492f2d7397333e38e6fa1bff7b46a55508381c091b6efb
SSDEEP

6144:1rvJ9GwQC6x07kIuyuw2vZRB7nwKx11BLdzi:1jJoWw07k5+2PtnwSJd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.54d1eacc0d3aff672b1df24c7b9b1080_JC.exe

Files

NEAS.54d1eacc0d3aff672b1df24c7b9b1080_JC.exe
.exe windows:4 windows x86

5bdb030576ccc78f39be79578f7c1156

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocStringLen
SysReAllocStringLen

user32

AdjustWindowRectEx
DrawEdge
CharLowerA
CreateMenu
DrawIcon
ChildWindowFromPoint
CharNextW
CloseClipboard
CallNextHookEx
DefWindowProcA
DispatchMessageW
CharUpperBuffA
CreateIcon
DefFrameProcA
DrawFrameControl
DestroyMenu
DefMDIChildProcA
CharLowerBuffA
DestroyCursor
CreatePopupMenu
CheckMenuItem
DispatchMessageA
DestroyWindow
CallWindowProcA
CharToOemA
DeleteMenu
BeginPaint
CharNextA
ClientToScreen

kernel32

IsBadReadPtr
LocalAlloc
DeleteCriticalSection
FormatMessageA
FindResourceA
GetFullPathNameA
DeleteFileA
GetCurrentThreadId
ExitProcess
GetCommandLineA
CreateThread
CloseHandle
GetVersionExA
FreeLibrary
GetProcAddress
GetCPInfo
FindFirstFileA
CreateFileA
GetCurrentProcessId
VirtualAlloc
GetFileType
GetEnvironmentStrings
EnterCriticalSection
CreateEventA
GetDateFormatA
GetDiskFreeSpaceA
LoadLibraryA
FindClose
Sleep
GetFileSize
EnumCalendarInfoA
FreeResource
ExitThread
CompareStringA
GetModuleHandleA
VirtualAllocEx
GetACP
GetFileAttributesA
LoadLibraryExA
GetLastError

shell32

DragQueryFileA
SHFileOperationA
SHGetFolderPathA

version

VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegLoadKeyA
RegCreateKeyA
RegQueryValueExA

gdi32

GetPaletteEntries
GetRgnBox
GetObjectA
GetPixel
LineTo

comdlg32

ChooseColorA
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

ole32

CoReleaseMarshalData
PropVariantClear
CreateStreamOnHGlobal

shlwapi

SHEnumValueA
PathIsDirectoryA
SHDeleteValueA
PathIsContentTypeA
SHGetValueA
SHQueryValueExA
PathFileExistsA
SHQueryInfoKeyA

comctl32

ImageList_GetBkColor
ImageList_Create
ImageList_Draw
ImageList_DrawEx

Sections

CODE
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 699B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc9
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc4
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc0
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc7
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bdb030576ccc78f39be79578f7c1156

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

shell32

version

advapi32

gdi32

comdlg32

ole32

shlwapi

comctl32

Sections

CODE Size: 70KB - Virtual size: 70KB

.data Size: 1024B - Virtual size: 699B

.rsrc2 Size: 2KB - Virtual size: 1KB

.rsrc9 Size: 2KB - Virtual size: 1KB

.rsrc4 Size: 134KB - Virtual size: 134KB

.rsrc0 Size: 1KB - Virtual size: 1KB

.rsrc7 Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 976B

CODE
Size: 70KB - Virtual size: 70KB

.data
Size: 1024B - Virtual size: 699B

.rsrc2
Size: 2KB - Virtual size: 1KB

.rsrc9
Size: 2KB - Virtual size: 1KB

.rsrc4
Size: 134KB - Virtual size: 134KB

.rsrc0
Size: 1KB - Virtual size: 1KB

.rsrc7
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 976B