NEAS[.]b394a1e8eb18027eb89b1bb6762a7980_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b394a1e8eb18027eb89b1bb6762a7980_JC.exe
Size

1.2MB
MD5

b394a1e8eb18027eb89b1bb6762a7980
SHA1

8f5bcbe043b9f97110faff9eb1f4acc7114f75b1
SHA256

6a5239bf3099cac96b9173b23649fe346bf492641eea56476a4684ba71873230
SHA512

94cc9db4f8f7904a1e1dfbb55297c2346d9a6e190f2f208cfaa5bead904cb5a4e920fd38944dc606ef7d810a5b542f27da1df07440f16c3bbd2d9e95aae10d13
SSDEEP

24576:zsLo+0j7blMZz/PCLe8PuNFhVadbINNXes76IvNWa5P6TK84P0Y:Jj7bkC06InrSDTK84P0Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b394a1e8eb18027eb89b1bb6762a7980_JC.exe

Files

NEAS.b394a1e8eb18027eb89b1bb6762a7980_JC.exe
.exe windows:5 windows x86

bf2ba0b96b336923b85649f2a02f242a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawEnumerateA
DirectDrawCreateEx

dsound

ord11

dinput8

DirectInput8Create

winmm

timeGetDevCaps
mixerOpen
mixerGetLineControlsA
mixerGetLineInfoA
timeKillEvent
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetDevCapsA
timeSetEvent
timeGetTime
mixerClose

imm32

ImmGetCandidateListA
ImmReleaseContext
ImmGetCompositionStringA
ImmAssociateContext
ImmGetConversionStatus
ImmGetOpenStatus
ImmGetContext

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

GetProcAddress
LoadLibraryA
GetVersionExA
Sleep
GetLastError
CreateMutexA
GlobalFree
GetWindowsDirectoryA
GetDriveTypeA
GetVolumeInformationA
lstrcatA
GetModuleHandleA
UnmapViewOfFile
DeleteFileA
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
CompareStringA
GetFileType
SetHandleCount
GetConsoleMode
GetCurrentDirectoryA
WriteConsoleW
ReadFile
SetFilePointer
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
FreeLibrary
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteFile
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetModuleHandleW
HeapReAlloc
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
CreateThread
GetCurrentThreadId
ExitThread
CreateDirectoryA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapAlloc
InitializeCriticalSection
HeapFree
CompareStringW
SetEnvironmentVariableA
lstrcpyA
SetCurrentDirectoryA
LCMapStringA
GlobalUnlock
GlobalAlloc
GetSystemDefaultLCID
GlobalLock
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
OutputDebugStringA
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
ReleaseSemaphore
CreateSemaphoreA
IsValidCodePage
WaitForSingleObject
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleCP
GetConsoleOutputCP
GetLocaleInfoW
SetEndOfFile
HeapSize
GetProcessHeap
GetTimeZoneInformation

user32

CreateWindowExA
SetClipboardData
OpenClipboard
PostMessageA
ShowWindow
EmptyClipboard
ReleaseDC
UnionRect
IntersectRect
GetDC
PtInRect
IsIconic
CloseClipboard
DialogBoxParamA
SetWindowTextA
AdjustWindowRectEx
EndDialog
GetDlgItem
SendDlgItemMessageA
LoadIconA
UnregisterClassA
DrawTextA
RegisterClassA
CopyIcon
MessageBoxA
DestroyCursor
wvsprintfA
EnumDisplayMonitors
GetMonitorInfoA
EnumDisplayDevicesA
EndPaint
DestroyWindow
SetCursor
GetMessageA
ScreenToClient
GetWindowRect
RegisterClassExA
PostQuitMessage
SetForegroundWindow
LoadStringA
BeginPaint
TranslateMessage
ShowCursor
SetWindowLongA
SetCursorPos
PeekMessageA
TranslateAcceleratorA
DefWindowProcA
GetCursorPos
LoadAcceleratorsA
GetActiveWindow
DispatchMessageA
SystemParametersInfoA
LoadImageA
UpdateWindow
FindWindowA
LoadCursorA
MonitorFromRect
GetKeyState
GetSystemMetrics
ClientToScreen
GetClientRect
SetWindowPos

gdi32

StretchBlt
Ellipse
CreateFontIndirectA
EnumFontFamiliesExA
GdiFlush
GetStockObject
DeleteDC
GetDeviceCaps
CreateDCA
MoveToEx
LineTo
CreatePen
GetGlyphOutlineA
SetTextColor
SetBkMode
DeleteObject
SelectObject
GetTextMetricsA
TextOutA
GetPaletteEntries

comdlg32

GetFileTitleA

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance

cv210

cvSmooth
cvResize
cv2DRotationMatrix
cvFilter2D
cvWarpAffine

cxcore210

cvCreateMat
cvReleaseImage
cvReleaseMat
cvAdd
cvCreateImage

Sections

.text
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf2ba0b96b336923b85649f2a02f242a

Headers

DLL Characteristics

File Characteristics

Imports

ddraw

dsound

dinput8

winmm

imm32

version

kernel32

user32

gdi32

comdlg32

advapi32

ole32

cv210

cxcore210

Sections

.text Size: 738KB - Virtual size: 738KB

.rdata Size: 149KB - Virtual size: 148KB

.data Size: 80KB - Virtual size: 4.4MB

.rsrc Size: 285KB - Virtual size: 285KB

.text
Size: 738KB - Virtual size: 738KB

.rdata
Size: 149KB - Virtual size: 148KB

.data
Size: 80KB - Virtual size: 4.4MB

.rsrc
Size: 285KB - Virtual size: 285KB