NEAS[.]c03851b17a8818c6fdb0fa7f5f0636d0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c03851b17a8818c6fdb0fa7f5f0636d0_JC.exe
Size

388KB
MD5

c03851b17a8818c6fdb0fa7f5f0636d0
SHA1

f522d555a1ddbc166978c381e72ab2cd30a9f24b
SHA256

9f10ece425696d8b19a65b959a0992916abf3f3587480460b819beb01dc19a3e
SHA512

814649abe56fcaef2124c9544cf7cc92ad735356f508f4338284a7ed8b15f6a2a3c02f074197c6baae5d1df44c2fabdce6a01684b53679751635e9cafb9739f5
SSDEEP

3072:Catm4hoyngIVmp4RLicH0Xd61qUB6CbetJqHtW4IH0OLatm4hoyngINPMqjHa:1yIC4EX9CmqHY01yU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c03851b17a8818c6fdb0fa7f5f0636d0_JC.exe

Files

NEAS.c03851b17a8818c6fdb0fa7f5f0636d0_JC.exe
.exe windows:4 windows x86

2d2ab35c0e08884f4ed42872b15d3c7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
SetSystemTimeAdjustment
VirtualProtect
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
RtlUnwind
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
RaiseException
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
Sleep
HeapSize
MultiByteToWideChar
GetLocaleInfoA
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

vJDtPgkx
Size: 4KB - Virtual size: 1KB

ZlJIXhJE
Size: 8KB - Virtual size: 5KB

IvIHHJvk
Size: 12KB - Virtual size: 8KB

xkITSwEg
Size: 8KB - Virtual size: 5KB

VzTnAZjW
Size: 4KB - Virtual size: 919B

mOdsexZD
Size: 4KB - Virtual size: 209B

ZhGtjJVC
Size: 56KB - Virtual size: 52KB

mqZCOlQf
Size: 8KB - Virtual size: 5KB

sdLOqQIq
Size: 100KB - Virtual size: 97KB

HnsTCpTy
Size: 12KB - Virtual size: 10KB

Sharing

General

Malware Config

Signatures

Files

2d2ab35c0e08884f4ed42872b15d3c7a

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 35KB

.rsrc Size: 12KB - Virtual size: 10KB

vJDtPgkx Size: 4KB - Virtual size: 1KB

ZlJIXhJE Size: 8KB - Virtual size: 5KB

IvIHHJvk Size: 12KB - Virtual size: 8KB

xkITSwEg Size: 8KB - Virtual size: 5KB

VzTnAZjW Size: 4KB - Virtual size: 919B

mOdsexZD Size: 4KB - Virtual size: 209B

ZhGtjJVC Size: 56KB - Virtual size: 52KB

mqZCOlQf Size: 8KB - Virtual size: 5KB

sdLOqQIq Size: 100KB - Virtual size: 97KB

HnsTCpTy Size: 12KB - Virtual size: 10KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 35KB

.rsrc
Size: 12KB - Virtual size: 10KB

vJDtPgkx
Size: 4KB - Virtual size: 1KB

ZlJIXhJE
Size: 8KB - Virtual size: 5KB

IvIHHJvk
Size: 12KB - Virtual size: 8KB

xkITSwEg
Size: 8KB - Virtual size: 5KB

VzTnAZjW
Size: 4KB - Virtual size: 919B

mOdsexZD
Size: 4KB - Virtual size: 209B

ZhGtjJVC
Size: 56KB - Virtual size: 52KB

mqZCOlQf
Size: 8KB - Virtual size: 5KB

sdLOqQIq
Size: 100KB - Virtual size: 97KB

HnsTCpTy
Size: 12KB - Virtual size: 10KB