NEAS[.]0a6c5878496108a957a4b091ecfe5140_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0a6c5878496108a957a4b091ecfe5140_JC.exe
Size

79KB
MD5

0a6c5878496108a957a4b091ecfe5140
SHA1

157fcdc860358c35210270cd7c4de0d54fb6f292
SHA256

fc879d29f7f82902bb9fafc521b99d3b56d342e0b6b6c7694dfc2d35ab5c4123
SHA512

b7ebad1c246c6e9fb7a3d1a59309265a88b0c0ebeea1c61d7ad08c6013f4949ced61b9455678d6be8b955b71d106450860c8ad4122103a3e58408a26d2e78d72
SSDEEP

1536:Hg7+LPRSVjq1Zy1UGWmNVSQs5djx7RdS4m:0+bP13mNVSQSpjdS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0a6c5878496108a957a4b091ecfe5140_JC.exe

Files

NEAS.0a6c5878496108a957a4b091ecfe5140_JC.exe
.exe windows:4 windows x86

ac7ea783a7594007d023e643a56119ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

glide2x

_grTexFilterMode@12
_grTexDownloadMipMapLevelPartial@40
_grTexDownloadMipMapLevel@32
_grTexMultibaseAddress@20
_grTexMinAddress@4
_grTexTextureMemRequired@8
_grTexMultibase@8
_grTexDownloadTable@12
_grSstControl@4
_grLfbReadRegion@28
_grConstantColorValue@4
_grDrawTriangle@12
_gu3dfGetInfo@8
_gu3dfLoad@8
_grGlideGetState@4
_grColorCombine@20
_grAlphaCombine@20
_grTexCombine@28
_grAlphaBlendFunction@16
_grAlphaTestFunction@4
_grGlideShutdown@0
_grTexMipMapMode@12
_grDepthBufferFunction@4
_grAlphaTestReferenceValue@4
_grSstOrigin@4
_grCullMode@4
_grTexDownloadMipMap@16
_grTexSource@16
_grGlideSetState@4
_grTexMaxAddress@4
_grTexCalcMemRequired@16
_grGlideGetVersion@4
_grGlideInit@0
_grSstQueryHardware@4
_grSstSelect@4
_grSstWinOpen@28
_grDitherMode@4
_grClipWindow@16
_grBufferClear@12
_grLfbLock@24
_grLfbUnlock@8
_grBufferSwap@4

user32

TranslateMessage
PeekMessageA
DispatchMessageA
RegisterClassA
GetWindowRect
LoadCursorA
LoadIconA
MessageBoxA
PostMessageA
BeginPaint
EndPaint
SetCursor
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
GetDC
GetClientRect
ReleaseDC
DestroyWindow
GetMessageA

gdi32

GdiFlush
ExtTextOutA
SetTextAlign
SetBkColor
SetTextColor
GetStockObject

kernel32

SetStdHandle
SetFilePointer
CreateFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetFileType
SetHandleCount
FlushFileBuffers
WriteFile
CloseHandle
WideCharToMultiByte
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LoadLibraryA
GetProcAddress
GetLastError
GetCommandLineA
TerminateProcess
ExitProcess
HeapReAlloc
SetEndOfFile
ReadFile
GetStdHandle
RtlUnwind
GetCurrentProcess
GetStartupInfoA
GetModuleHandleA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapFree
HeapAlloc
GetModuleFileNameA
GetVersion

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac7ea783a7594007d023e643a56119ab

Headers

File Characteristics

Imports

glide2x

user32

gdi32

kernel32

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 426KB

.idata Size: 3KB - Virtual size: 3KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 426KB

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 5KB - Virtual size: 4KB