NEAS[.]64909b098adefa5e815fe7ff59774650_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.64909b098adefa5e815fe7ff59774650_JC.exe
Size

513KB
MD5

64909b098adefa5e815fe7ff59774650
SHA1

28eb92439f3f5db8217bc590cde13cdc2eb7d2a3
SHA256

490ce295896deb7f9add1c2289d01b2dcbac17e4f76eef25da143951d435dfd2
SHA512

247313ebd3211a65b36979bc34502a8cb8a13b6b559ba382e53cdc1394ad1db51a1894d44d1d35b7f1755cbae7217e8c911d51caffde57eded1b75f415362b98
SSDEEP

6144:2saHckUltnsYREgnlwM4kCxZQPiX8txibeBotNlgd+fV9D+jE/9MJWZxeWGrMZs9:2rUl9xy8r4DsitEWQjeiJWiWGrxoS7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.64909b098adefa5e815fe7ff59774650_JC.exe

Files

NEAS.64909b098adefa5e815fe7ff59774650_JC.exe
.dll windows:6 windows x86

bb0e78a8f6a038b0318fb46da5adad07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

RtlUnwind

kernel32

GetProcessHeap
HeapFree
CloseHandle
WaitForSingleObject
OpenEventW
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
LoadLibraryA
VirtualFree
VirtualAlloc
GetCommandLineA
VirtualProtect
GetSystemInfo
VirtualQuery
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
HeapAlloc
SetUnhandledExceptionFilter
WriteFile
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
LoadLibraryExA
Sleep
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetSystemDefaultUILanguage
UnmapViewOfFile
CreateFileW
CreateFileMappingW
MapViewOfFile
SearchPathW
CreateActCtxW
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
InterlockedCompareExchange
lstrcmpW
GlobalAlloc
GlobalLock
EnumUILanguagesW
GlobalFree
GlobalUnlock
LocalFree
FormatMessageW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
MulDiv
FindResourceExW
LockResource
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetModuleHandleW
GetProcAddress
LoadLibraryW
InterlockedDecrement
InterlockedIncrement
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedExchange
GetVersionExW
GetModuleFileNameW
UnhandledExceptionFilter
GetUserDefaultUILanguage

user32

GetScrollInfo
DrawTextW
GetCaretPos
IsChild
MessageBoxW
SetForegroundWindow
IsIconic
GetForegroundWindow
SetRect
InsertMenuW
LoadStringW
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
UnregisterClassA
SetScrollPos
SetScrollInfo
DeleteMenu
GetCapture
SetCursor
GetWindowDC
DrawEdge
ReleaseCapture
SetCapture
UpdateWindow
CreateDialogParamW
SetRectEmpty
CreatePopupMenu
AppendMenuW
SystemParametersInfoW
RegisterClassExW
IsWindow
GetSysColorBrush
LoadCursorW
GetClassInfoExW
RemoveMenu
GetMenuItemCount
GetKeyState
GetDesktopWindow
GetScrollPos
GetUpdateRect
IsWindowVisible
PtInRect
BeginPaint
GetSysColor
FillRect
EndPaint
ClientToScreen
GetWindowRect
SetWindowPos
GetDC
ReleaseDC
GetSystemMetrics
LoadAcceleratorsW
DestroyAcceleratorTable
GetParent
EnableWindow
GetFocus
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
EndDialog
ShowWindow
LoadMenuW
EnableMenuItem
GetSubMenu
TrackPopupMenuEx
DestroyMenu
CheckMenuItem
GetActiveWindow
DialogBoxParamW
PostMessageW
GetMessagePos
DefWindowProcW
CallWindowProcW
GetWindowLongW
GetDlgItem
SetFocus
InvalidateRect
ScreenToClient
GetClientRect
MoveWindow
SetWindowLongW
CreateWindowExW
KillTimer
DestroyWindow
SetTimer
SendMessageW
CharNextW
LoadImageW
TranslateAcceleratorW
SetDlgItemTextW

ole32

CoTaskMemAlloc
CoUninitialize
CoInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSetContainedObject
OleCreateStaticFromData
OleDuplicateData
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleaut32

SysFreeString
SafeArrayAccessData
SafeArrayUnaccessData
VarUI4FromStr
VariantChangeType
VariantChangeTypeEx
SysAllocStringLen
SysStringLen
SysAllocString
VariantCopy
VariantClear
VariantInit
SafeArrayDestroy
SafeArrayCreate

oleacc

CreateStdAccessibleObject
LresultFromObject

advapi32

RegEnumKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteValueW

gdi32

DeleteObject
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
PatBlt
CreatePatternBrush
CreateBitmap
GetObjectW
DeleteDC
StretchBlt
SetBrushOrgEx
SetStretchBltMode
ExtTextOutW
SetBkColor
GetDeviceCaps
MoveToEx
LineTo
TextOutW
SetTextColor
ExtCreatePen
GetTextExtentPointW
SetBkMode
SelectObject
GetTextExtentPoint32W
GetTextMetricsW
BitBlt

msimg32

TransparentBlt

urlmon

ord423
CreateUri

shlwapi

ord437
ord219

iertutil

ord70
ord65
ord64
ord68
ord61
ord71
ord650

Exports

Exports

CreateScriptTab

Sections

.text
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb0e78a8f6a038b0318fb46da5adad07

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

user32

ole32

oleaut32

oleacc

advapi32

gdi32

msimg32

urlmon

shlwapi

iertutil

Exports

Exports

Sections

.text Size: 369KB - Virtual size: 369KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 107KB - Virtual size: 107KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 369KB - Virtual size: 369KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 107KB - Virtual size: 107KB

.reloc
Size: 28KB - Virtual size: 27KB