NEAS[.]dba4f2e1594a86f82ee3af3292e168c0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.dba4f2e1594a86f82ee3af3292e168c0_JC.exe
Size

36KB
MD5

dba4f2e1594a86f82ee3af3292e168c0
SHA1

4aad15470fd4a32b0b46066cb077b12dcefa13fc
SHA256

7bdc555db607314057e0b0ccc94084a85cee86338c62c04b2788e92444b091f9
SHA512

d4dba6daf7b68e74fd9eec073e98e960a9587fbc58e0a206562b4cf549bd7f122692c5943933a07edef362156b7c9b113e8c4008a47d78afcb859aa5847bb099
SSDEEP

384:uNTmwVxb3pw9UG1AgXKPXMhINMg/Cz+hAe5CeEXZg51xxxYs7824UETxFFEwEqXN:uNTnpw9Uws80pJje2wju2zj4dJ7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.dba4f2e1594a86f82ee3af3292e168c0_JC.exe

Files

NEAS.dba4f2e1594a86f82ee3af3292e168c0_JC.exe
.dll windows:10 windows x64

877dcafb23af5f9fa8914ba21d3d46ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcrt

_lock
_amsg_exit
__C_specific_handler
__dllonexit
_onexit
__CxxFrameHandler3
_initterm
_unlock
malloc
_callnewh
_XcptFilter
free
memmove
_purecall
memset

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-synch-l1-2-0

InitializeCriticalSection
CreateEventExW
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
ReleaseSRWLockShared
SetEvent
DeleteCriticalSection
AcquireSRWLockExclusive
Sleep
InitializeSRWLock
AcquireSRWLockShared
ReleaseSRWLockExclusive

api-ms-win-core-winrt-error-l1-1-1

RoOriginateError

api-ms-win-core-com-l1-1-1

CoIncrementMTAUsage
CoCreateInstance
CoTaskMemFree
CoGetMalloc
CoUninitialize
CoInitializeEx
CoTaskMemRealloc
CoRegisterClassObject
CoDecrementMTAUsage
CoRevokeClassObject
CoCreateFreeThreadedMarshaler

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

api-ms-win-core-errorhandling-l1-1-1

GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-2

GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId
TerminateProcess

api-ms-win-core-sysinfo-l1-2-1

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-rtlsupport-l1-2-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-delayload-l1-1-1

DelayLoadFailureHook
ResolveDelayLoadedAPI

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

877dcafb23af5f9fa8914ba21d3d46ba

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-winrt-error-l1-1-1

api-ms-win-core-com-l1-1-1

api-ms-win-core-handle-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-rtlsupport-l1-2-0

api-ms-win-core-delayload-l1-1-1

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 3KB - Virtual size: 2KB

.didat Size: 512B - Virtual size: 24B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 400B

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 3KB - Virtual size: 2KB

.didat
Size: 512B - Virtual size: 24B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 400B