NEAS[.]ef6d3a1a27e8680f8b15afeafe6e30e0_JC[.]exe

General

Target

NEAS.ef6d3a1a27e8680f8b15afeafe6e30e0_JC.exe
Size

36KB
MD5

ef6d3a1a27e8680f8b15afeafe6e30e0
SHA1

349f71da21cd44e799a82715d7dc32484bdc8835
SHA256

e08ca88adb99b6f7addde6691a59bbfc8ad85ba9260751b8ae704a5e6bdc8eb1
SHA512

f5d4623cef1dcb7359b7e231796630e4612bc26027a57c23cafe931f423cb25f09e63dc5667158916ebd65f7b785ceab4bbf8cb07ed5fc75bd81d436fe3f72da
SSDEEP

768:cLVpe+RIyVPIwYe7A0IW9+6IwYe7aYFdXDpfl:kVg2IyVPPYe7AM46PYe7aYFxpfl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.ef6d3a1a27e8680f8b15afeafe6e30e0_JC.exe

Files

NEAS.ef6d3a1a27e8680f8b15afeafe6e30e0_JC.exe
.exe windows:4 windows x86

5454eaf264e4265dcda6c61e7288dd0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW
CompareStringW
GetModuleHandleW
GetFullPathNameW
GetStringTypeW
lstrcpynW
GetCurrentProcess
lstrcmpA
GetProcAddress
TlsGetValue
OpenMutexA
GetPrivateProfileSectionA
WaitForSingleObjectEx
FoldStringW
WriteConsoleA
GetPrivateProfileSectionA
HeapAlloc
FileTimeToSystemTime
InterlockedDecrement
CopyFileW
DeviceIoControl
ReplaceFileA
FindNextVolumeW
QueryDosDeviceA
GetSystemTime
SetEnvironmentVariableA
GetLocalTime
GetDiskFreeSpaceA
SearchPathA
IsValidCodePage
GetShortPathNameA
GetTickCount
GetVolumePathNameA
GetPrivateProfileSectionA
SetErrorMode
GetProcessHeap
FindFirstVolumeW

cryptdll

MD5Final
MD5Init
CDLocateRng
CDBuildVect
MD5Update

user32

GetClassInfoA
CharToOemA
GetMessageW
EnumDesktopsA
GetCaretPos
IsDialogMessageA
wsprintfA
DispatchMessageA
SetFocus
PostMessageW
DrawIcon
DrawTextA
LoadCursorA
CreateDesktopA
DialogBoxParamW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5454eaf264e4265dcda6c61e7288dd0a

Headers

File Characteristics

Imports

kernel32

cryptdll

user32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 10KB