NEAS[.]0a6b725824c5f4f4f9117a5b27ab4560_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0a6b725824c5f4f4f9117a5b27ab4560_JC.exe
Size

158KB
MD5

0a6b725824c5f4f4f9117a5b27ab4560
SHA1

013184ede422868eaa707607928d81a460c092fe
SHA256

efb0c084001cdafb90ca3cb9bf63118024944a0a05066ee41c78a52e649d0f2e
SHA512

1a9353ebaea1169cad15e40e6d65367449473a0c582ab567190c575a8ab77809c662b5c1942dbf722bc91fa02fb0bd2d9e8ecccd7eb72fd5a036571527b2d26b
SSDEEP

3072:guR9fChcSgRyT4ofs1DYX7jG+LZqT3S0vw8e5r5+bSxENNW1lV:gS9f7kT9fsuXO+NqTNvw8edi3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0a6b725824c5f4f4f9117a5b27ab4560_JC.exe

Files

NEAS.0a6b725824c5f4f4f9117a5b27ab4560_JC.exe
.exe windows:5 windows x86

43f2b9ad4ccf9b1d697da977e2e1733e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetCPInfo
IsDebuggerPresent
FlushInstructionCache
InterlockedExchange
GetOEMCP
GetPrivateProfileStringW
QueryPerformanceCounter
DebugBreak
LeaveCriticalSection
LocalFree
InitializeCriticalSection
SetStdHandle
GlobalLock
FreeEnvironmentStringsW
GetFileSize
OutputDebugStringW
GetCurrentProcessId
LoadLibraryExW
HeapSize
IsProcessorFeaturePresent
GetCurrentProcess
MulDiv
InitializeCriticalSectionAndSpinCount
GetConsoleOutputCP
IsValidLocale
VirtualQuery
IsValidCodePage
GetStringTypeA
GetSystemDefaultLangID
TlsAlloc
SetConsoleCtrlHandler
VirtualFree
ExitProcess
WriteConsoleA
CreateFileA
InterlockedCompareExchange
RaiseException
TlsGetValue
lstrlenW
WaitForSingleObject
DeleteCriticalSection
FormatMessageW
ReadFile
lstrcpynW
GetDateFormatA
SetLastError
GetPrivateProfileIntW
CompareStringW
Sleep
GetModuleFileNameA
GlobalAlloc
SizeofResource
RtlUnwind
GetStartupInfoA
MultiByteToWideChar
LCMapStringA
GetTimeFormatA
EnumSystemLocalesA
FindNextChangeNotification
WaitForMultipleObjects
GetConsoleMode
GetStdHandle
lstrcpynA
GetCommandLineW
ResetEvent
GetTempFileNameW
LoadLibraryW
GetFileType
LocalAlloc
GetLastError
GetVersionExW
GlobalSize
FileTimeToSystemTime
lstrcmpW
TlsSetValue
GetProcAddress
GetCurrentThreadId
HeapFree
GetFileAttributesExW
lstrlenA
CreateFileW
GetProcessHeap
LoadLibraryExA
GetVersion
OpenEventW
HeapReAlloc
lstrcpyW
WinExec
GetSystemDirectoryW
SetHandleCount
GetWindowsDirectoryW
UnhandledExceptionFilter
GetUserDefaultLCID
GlobalUnlock
SystemTimeToTzSpecificLocalTime
GetConsoleCP
LoadLibraryA
GetComputerNameW
CloseHandle
GetModuleFileNameW
LCMapStringW
ExpandEnvironmentStringsA
WriteConsoleW
GetCurrentThread
WritePrivateProfileSectionW
HeapDestroy
GetModuleHandleW
CopyFileW
CreateThread
GetStartupInfoW
GetStringTypeW
InterlockedDecrement
GetEnvironmentStringsW
GetDateFormatW
FindFirstChangeNotificationW
HeapCreate
CompareStringA
lstrcmpiW
FreeLibrary
LoadResource
lstrcatW
GetFileAttributesW
VerLanguageNameW
WritePrivateProfileStringW
FindResourceW
ExpandEnvironmentStringsW
LockResource
EnterCriticalSection
SetUnhandledExceptionFilter
WideCharToMultiByte
HeapAlloc
GetTempPathW

user32

RegisterClipboardFormatW
ScrollWindowEx
DrawFrameControl
BeginDeferWindowPos
TranslateAcceleratorW
MessageBeep
RegisterClassW
UnregisterClassW
MoveWindow
RemoveMenu
KillTimer
SetForegroundWindow
GetWindowRect
GetSubMenu
DrawFocusRect
WindowFromPoint
CloseClipboard
CreateWindowExW
DefFrameProcW
CharLowerW
LoadImageW
GetWindowLongW
GetWindowDC
GetSysColorBrush
GetParent
LoadMenuW
ClientToScreen
ScreenToClient
CallWindowProcW
ShowScrollBar
DrawMenuBar
CallNextHookEx
MapWindowPoints
RegisterClassExW
DestroyWindow
SetCaretPos
ModifyMenuW
TranslateMessage
LoadStringA
GetClassInfoW
FrameRect
GetClientRect
CreatePopupMenu
GetWindowTextW
DefMDIChildProcW
DefWindowProcW
GetSystemMetrics
SetTimer
GetKeyState
LoadCursorW
EndDeferWindowPos
OpenClipboard
GetDlgCtrlID
UpdateWindow
wvsprintfW
LoadAcceleratorsW
SystemParametersInfoW
InflateRect
SetCapture
SetDlgItemTextW
DestroyMenu
GetClassLongW
GetMessageW
LoadStringW
GetWindow
GetMonitorInfoW
BringWindowToTop
ReleaseDC
SetScrollInfo
GetActiveWindow
GetWindowLongA
GetMessagePos
CreateCaret
EndDialog
GetFocus
SetWindowTextW
GetWindowThreadProcessId
GetCursorPos
EndPaint
GetCapture
BeginPaint
GetSystemMenu
DialogBoxParamW
IsChild
ReleaseCapture
DeferWindowPos
GetScrollInfo
CopyRect
MessageBoxW
SetFocus
CharNextW
SetCursor
PostQuitMessage
EnableWindow
InvalidateRect
AppendMenuW
FillRect
SetWindowPos
RegisterWindowMessageW
IsClipboardFormatAvailable
MonitorFromWindow
UnregisterClassA
GetClassNameW
GetDesktopWindow
EnableMenuItem
SetScrollPos
TrackPopupMenu
OffsetRect
DragDetect
SetWindowsHookExW
SendMessageW
DispatchMessageW
UnhookWindowsHookEx
PeekMessageW
GetMenuDefaultItem
EmptyClipboard
SetClipboardData
GetWindowTextLengthW
DestroyCaret
IsWindowVisible
FindWindowW
SetMenuDefaultItem
PtInRect
LoadIconW
GetMenuStringW
RedrawWindow
DrawEdge

gdi32

PatBlt
DPtoLP
GetTextExtentPointW
SetWindowOrgEx
CreateRectRgn
ExtTextOutW
SaveDC
BitBlt
DeleteObject
CreatePatternBrush
GetClipRgn
GetViewportOrgEx
GetStockObject
SetPolyFillMode
CreateSolidBrush
SetBkMode
RestoreDC
GetDeviceCaps
GetTextExtentPoint32W
SelectPalette
TextOutW
SetViewportOrgEx
CreateFontW
Polyline
CreateCompatibleBitmap
IntersectClipRect
GetTextMetricsW
SelectObject
CreateCompatibleDC
LPtoDP
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
Polygon
DeleteDC
GetObjectW
CreatePen
SelectClipRgn
CreatePalette
RealizePalette
SetBrushOrgEx
LineTo
MoveToEx
Rectangle
CreateDIBSection
CreateFontIndirectW

oleaut32

VarUI4FromStr
SystemTimeToVariantTime
VarDecFromStr
VarR8FromStr
SysFreeString
VarI4FromStr
VarDecCmp

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wsock32

connect
WSAGetLastError
WSASetLastError
ntohs
inet_addr
ioctlsocket
listen
socket
WSAAsyncSelect
send
htons
accept
getsockname
recv
closesocket
gethostbyname
getpeername
bind
shutdown

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43f2b9ad4ccf9b1d697da977e2e1733e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

version

wsock32

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 29KB - Virtual size: 48KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 29KB - Virtual size: 48KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 10KB - Virtual size: 9KB