NEAS[.]8935d11f2b24936bbf79127cf998de50_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.8935d11f2b24936bbf79127cf998de50_JC.exe
Size

196KB
MD5

8935d11f2b24936bbf79127cf998de50
SHA1

49bf6b5c3828f3173ad2f4a6cc577ed97907b822
SHA256

8c8c13b357aaf9613795644c982f8d041c3c56687e5aef3a48437bdb75edeeb5
SHA512

753a27878c278fecbc744734d33e41634bff36ecaa62afaa0e55c6320027700272e11e7cc1d0aa4683501107babe0a64e3de763bd0510eeba36b5666a06a4778
SSDEEP

6144:HwRgXX5fpRtFk8/VUQ/vspFFL1B+EEnP+:QRSfpRztUQ8pFFL1UEom

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8935d11f2b24936bbf79127cf998de50_JC.exe

Files

NEAS.8935d11f2b24936bbf79127cf998de50_JC.exe
.exe windows:4 windows x86

5cc030522378f505112bbfb8b83214f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

CreateBitmapIndirect
CreateBrushIndirect
CreateFontA
CreateFontIndirectA
CreatePenIndirect
DeleteObject
GetBkColor
GetDeviceCaps
GetObjectA
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

Beep
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindResourceA
FormatMessageA
FreeLibrary
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLargestConsoleWindowSize
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LockFile
MulDiv
QueryPerformanceCounter
ScrollConsoleScreenBufferA
SetConsoleCursorPosition
SetConsoleMode
SetConsoleWindowInfo
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
UnlockFile
VirtualProtect
VirtualQuery
WriteConsoleOutputA
WriteFile

msvcrt

__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_controlfp
_errno
_filelengthi64
_fileno
_fmode
_fpreset
_get_osfhandle
_i64toa
_initterm
_iob
_itoa
_onexit
_snprintf
_stricmp
_ui64toa
_ultoa
abort
calloc
exit
fclose
feof
fflush
fgetpos
fgets
fopen
fprintf
fputs
fread
free
freopen
fsetpos
fwrite
getc
islower
isupper
localeconv
malloc
mbstowcs
memset
memcpy
realloc
setlocale
setvbuf
signal
sprintf
strchr
strcmp
strlen
strncmp
strtoul
tolower
toupper
ungetc
vfprintf
wcslen
wcstombs

user32

AppendMenuA
BeginPaint
BringWindowToTop
CallWindowProcA
CheckMenuItem
CheckMenuRadioItem
ClientToScreen
CreateMenu
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyMenu
DestroyWindow
DispatchMessageA
DrawMenuBar
EnableMenuItem
EnableWindow
EndPaint
EnumThreadWindows
FillRect
GetActiveWindow
GetCapture
GetClassInfoExA
GetClassLongA
GetClassNameA
GetClientRect
GetDC
GetMenuItemCount
GetMenuItemInfoA
GetMessageA
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSystemMetrics
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
InsertMenuA
InvalidateRect
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
LoadCursorA
LoadImageA
LoadMenuA
MapWindowPoints
MessageBoxA
ModifyMenuA
MoveWindow
PeekMessageA
PostQuitMessage
RedrawWindow
RegisterClassExA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
SendMessageA
SetFocus
SetMenu
SetMenuItemInfoA
SetParent
SetPropA
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UnregisterClassA
UpdateWindow
WindowFromDC

Exports

Exports

CLASSNAMEIS@4
DEBUG@4
GETPROPINFO@8
GETPROPLIST@4
GETPROPVALUE@8
MAINWINDOW@0
MESSAGEDLG@12
SETPROPVALUE@12
SHOWMESSAGE@4
SYSERRORMESSAGE@4
_ZN5MENUS18REGISTERCOMPONENTSEv@0
_ZN9STANDARDS18REGISTERCOMPONENTSEv@0

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 381B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cc030522378f505112bbfb8b83214f3

Headers

File Characteristics

Imports

gdi32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 167KB - Virtual size: 166KB

.data Size: 5KB - Virtual size: 5KB

.rdata Size: 11KB - Virtual size: 10KB

.bss Size: - Virtual size: 25KB

.edata Size: 512B - Virtual size: 381B

.idata Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 167KB - Virtual size: 166KB

.data
Size: 5KB - Virtual size: 5KB

.rdata
Size: 11KB - Virtual size: 10KB

.bss
Size: - Virtual size: 25KB

.edata
Size: 512B - Virtual size: 381B

.idata
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.reloc
Size: 4KB - Virtual size: 4KB