NEAS[.]0428b6d48982fd744d046c32f9f6ed80_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0428b6d48982fd744d046c32f9f6ed80_JC.exe
Size

985KB
MD5

0428b6d48982fd744d046c32f9f6ed80
SHA1

8952680f2f07fcbfbeb880c14c65e5077cb81527
SHA256

1a3e7968d936bf5775963be2cbff17e46fe9900bb8ba04928252f32f96df58ea
SHA512

196c7d8e14332f29b717ab8d47a41dbc40c51243596f51dcdf80092a0f4710857ec09880fe716d937918210b594ac621ab41c8dd97cd335502a708715a361511
SSDEEP

12288:iUc1s10MAe2J49gNrI6zogc2EgQDVCEfOs:d1CHq9gNrI6zoXrgiCEG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0428b6d48982fd744d046c32f9f6ed80_JC.exe

Files

NEAS.0428b6d48982fd744d046c32f9f6ed80_JC.exe
.exe windows:4 windows x86

1b93b319d214319a7bcb3042b66d6579

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetLogicalDrives
GetVersion
WinExec
OpenEventA
GetSystemTime
GetVersionExA
IsValidCodePage
ResumeThread
GetACP
CreateThread
GetCurrentThreadId
TerminateThread
lstrcmpA
GetEnvironmentVariableA
Sleep
WaitForSingleObject
LeaveCriticalSection
CreateEventA
EnterCriticalSection
InitializeCriticalSection
SetEvent
DeleteCriticalSection
_llseek
VirtualFree
SetHandleCount
HeapCreate
CopyFileA
GetCurrentProcess
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
lstrcmpiA
GlobalFree
FindFirstFileA
HeapFree
_lclose
GetStringTypeW
_lwrite
_lread
_lcreat
SetEndOfFile
_lopen
HeapReAlloc
GetStringTypeA
SetFilePointer
GetStdHandle
GetFileType
HeapDestroy
GetPrivateProfileIntA
lstrcatA
lstrcpyA
WritePrivateProfileStringA
CloseHandle
WriteFile
CreateFileA
lstrlenA
GetPrivateProfileStringA
DeleteFileA
MoveFileA
LocalAlloc
CreateDirectoryA
GetModuleFileNameA
GetDriveTypeA
GetVolumeInformationA
lstrcpynA
WritePrivateProfileStructA
GetPrivateProfileStructA
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringW
GetSystemDirectoryA
FindClose
GetFileSize
FindNextFileA
GlobalUnlock
GlobalLock
GlobalAlloc
LCMapStringA
VirtualAlloc
FreeResource
LockResource
LoadResource
FindResourceA
GetLocalTime
GetCPInfo
GetOEMCP
ReadFile
HeapAlloc
LocalFree
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte

user32

PtInRect
DrawEdge
ReleaseCapture
SetCursor
SetCapture
EndPaint
BeginPaint
ShowWindow
MapWindowPoints
InvalidateRect
LoadBitmapA
FillRect
SetDlgItemTextA
GetDlgCtrlID
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemInt
DrawIcon
ValidateRect
IsWindowEnabled
CheckRadioButton
GetWindowRect
CreatePopupMenu
DrawMenuBar
GetMenu
SetMenu
GetActiveWindow
IsIconic
ShowCursor
PostQuitMessage
SetActiveWindow
RegisterClassA
IsWindow
UpdateWindow
LoadAcceleratorsA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetMessageA
GetMenuItemInfoA
UnregisterClassA
DrawFocusRect
IsWindowVisible
GetMenuItemCount
MoveWindow
SetMenuItemInfoA
GetSysColor
IntersectRect
DestroyIcon
IsChild
CallNextHookEx
GetMenuState
GetMenuItemID
TrackPopupMenuEx
CallWindowProcA
WindowFromPoint
SystemParametersInfoA
UnhookWindowsHookEx
EnableWindow
SendMessageA
EndDialog
wsprintfA
GetDC
ReleaseDC
EnableMenuItem
GetSubMenu
AppendMenuA
DialogBoxParamA
GetMenuStringA
SetWindowsHookExA
TrackPopupMenu
CopyAcceleratorTableA
CreateAcceleratorTableA
DestroyAcceleratorTable
SetTimer
GetDlgItemInt
KillTimer
DestroyWindow
ClientToScreen
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
SetClassLongA
GetWindowLongA
GetDlgItem
GetClientRect
LoadImageA
IsDlgButtonChecked
GetWindowTextA
CheckDlgButton
SetFocus
SetWindowTextA
RemoveMenu
ChildWindowFromPoint
LoadMenuA
LoadIconA
LoadCursorA
GetCursorPos
ScreenToClient
CheckMenuItem
DeleteMenu
LoadStringA
PostMessageA
DefWindowProcA
InflateRect
DestroyMenu
AdjustWindowRect
GetSystemMetrics
CreateWindowExA
SetWindowLongA
GetParent
GetDesktopWindow
SetWindowPos
RegisterClipboardFormatA
MessageBoxA

gdi32

CreateDIBSection
Polyline
CreatePatternBrush
DeleteObject
CreateRectRgnIndirect
StretchBlt
SetStretchBltMode
DeleteDC
CreateDIBitmap
CreateCompatibleDC
SelectObject
MoveToEx
LineTo
RestoreDC
GetObjectA
CreatePen
SaveDC
CombineRgn
CreateRectRgn
PtInRegion
CreateCompatibleBitmap
SetBkColor
BitBlt
StretchDIBits
RealizePalette
CreateBitmap
CreatePalette
GetSystemPaletteEntries
SelectPalette
CreateSolidBrush
CreateBrushIndirect
GetDeviceCaps
TextOutA
GetTextExtentPointA
SetBkMode
GetTextExtentPoint32A
CreateFontIndirectA
ExtTextOutA
GetTextMetricsA
SetDIBitsToDevice
GetClipBox
PatBlt
SelectClipRgn

comdlg32

GetFileTitleA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

advapi32

RegEnumKeyA
RegOpenKeyExA

shell32

ShellExecuteA
DragAcceptFiles
DragFinish
DragQueryFileA

ole32

RevokeDragDrop
RegisterDragDrop
OleInitialize
OleUninitialize
ReleaseStgMedium

winmm

mixerGetDevCapsA
timeGetTime
mixerClose
mixerGetID
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails
waveOutGetNumDevs

comctl32

ImageList_Create
ImageList_Destroy
ImageList_LoadImageA
ImageList_Add
PropertySheetA
CreateToolbarEx
ord17

realhook

ord1

coolmenu

ord6
ord21
ord24
ord16
ord14
ord15
ord4
ord23
ord22
ord18
ord5
ord9
ord10
ord20
ord7
ord2
ord1
ord19
ord17
ord3

dvdfile

ord2
ord1
ord3

dvdinfo

ord1
ord2
ord4

fft

ord5

httpfile

ord1
ord6
ord9
ord2
ord4
ord5
ord3
ord7
ord8

mmxaudio

ord82
ord81
ord73
ord71
ord72
ord83
ord75
ord76

mpegsys

ord49
ord51
ord47
ord36
ord34
ord46
ord48

subpic

ord17
ord22
ord20
ord21
ord12
ord19
ord18
ord23

svdvideo

ord83
ord84
ord76
ord82
ord101
ord102
ord79
ord78
ord87
ord89
ord88
ord75
ord93

Sections

.text
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 360KB - Virtual size: 499KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b93b319d214319a7bcb3042b66d6579

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

winmm

comctl32

realhook

coolmenu

dvdfile

dvdinfo

fft

httpfile

mmxaudio

mpegsys

subpic

svdvideo

Sections

.text Size: 223KB - Virtual size: 223KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 360KB - Virtual size: 499KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 363KB - Virtual size: 363KB

.reloc Size: 27KB - Virtual size: 26KB

.text
Size: 223KB - Virtual size: 223KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 360KB - Virtual size: 499KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 363KB - Virtual size: 363KB

.reloc
Size: 27KB - Virtual size: 26KB