NEAS[.]03c73f6c5ffa81bc8534aacbe9169150_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.03c73f6c5ffa81bc8534aacbe9169150_JC.exe
Size

256KB
MD5

03c73f6c5ffa81bc8534aacbe9169150
SHA1

66d58f9762c26f6e3d86684642a0707899794b34
SHA256

3a3cdaf30ab48873fbd3603b4ea7177cc7f68546bb393ba01c17597b7c8fe2d5
SHA512

501725b422a2fec8a04e0544bda6c4648a7b3955e876621854c77a5596cbc6da186e15f9cdea5a1f464521a831a00203a542b6204360eb61895d2601d51f97d7
SSDEEP

3072:E31Tr2D6vV1wLa7S1e/ViZ9lUIrRZgZGNb4ZzDhtB8/lJKqx8mE0Ji5W4r576D44:E12lGEAe9lVrRZgZGN0ZzDeEv5vlODJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.03c73f6c5ffa81bc8534aacbe9169150_JC.exe

Files

NEAS.03c73f6c5ffa81bc8534aacbe9169150_JC.exe
.dll regsvr32 windows:5 windows x86

7853305a8d36f561c76ecbd4b2f0ea2b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_except_handler3
wcscat
wcscpy
wcstod
wcschr
_wcsicmp
wcslen
_wcsnicmp
memmove
swprintf
sprintf
malloc
_onexit
__dllonexit
_purecall
_initterm
free

msdart

lstrcatI
RegEnumKeyExI
lstrlenI
RegSetValueExI
RegCreateKeyExI
RegQueryValueExI
RegDeleteKeyI
lstrcpyI
PostMessageI
RegOpenKeyExI
MpHeapAlloc
LoadStringI
GetWindowsDirectoryI
CharNextI
GetVersionExI
_LoadVersionedResourceEx@16
??1CReaderWriterLock3@@QAE@XZ
??0CReaderWriterLock3@@QAE@XZ
?WriteLock@CReaderWriterLock3@@QAEXXZ
?WriteUnlock@CReaderWriterLock3@@QAEXXZ
?ReadOrWriteLock@CReaderWriterLock3@@QAE_NXZ
?ReadOrWriteUnlock@CReaderWriterLock3@@QAEX_N@Z
GetModuleHandleI
GetModuleFileNameI
UMSEnterCSWraper
LoadLibraryI
FXMemAttach
MpGetHeapHandle
MpHeapFree
MPInitializeCriticalSection
MPDeleteCriticalSection
FXMemDetach

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
EnterCriticalSection
CompareStringW
LCMapStringW
LCMapStringA
CompareStringA
DeleteCriticalSection
InitializeCriticalSection
HeapDestroy
GetCurrentProcess
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
GetUserDefaultLCID
TlsFree
TlsAlloc
lstrlenW
GetCurrentThreadId
TlsGetValue
TlsSetValue
InterlockedExchange
LeaveCriticalSection
IsBadCodePtr
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA

advapi32

RegCloseKey

ole32

CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoCreateInstance

oleaut32

VariantInit
SetErrorInfo
VariantChangeType
VariantClear
GetErrorInfo
LoadRegTypeLi
SysStringLen
SafeArrayPutElement
SafeArrayGetElement
VariantCopy
SysAllocString
LoadTypeLi
OaBuildVersion
SysAllocStringLen
CreateErrorInfo
SafeArrayDestroy
SafeArrayCreate
SafeArrayUnlock
SafeArrayCopy
RegisterTypeLi
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdbid
Size: 4KB - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7853305a8d36f561c76ecbd4b2f0ea2b

Headers

File Characteristics

Imports

msvcrt

msdart

kernel32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 144KB - Virtual size: 141KB

.data Size: 4KB - Virtual size: 1KB

.sdbid Size: 4KB - Virtual size: 468B

.rsrc Size: 24KB - Virtual size: 22KB

.reloc Size: 16KB - Virtual size: 15KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 144KB - Virtual size: 141KB

.data
Size: 4KB - Virtual size: 1KB

.sdbid
Size: 4KB - Virtual size: 468B

.rsrc
Size: 24KB - Virtual size: 22KB

.reloc
Size: 16KB - Virtual size: 15KB

.rmnet
Size: 60KB - Virtual size: 60KB