NEAS[.]5db8750d1ce3f96d06970fc42a093ba0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5db8750d1ce3f96d06970fc42a093ba0_JC.exe
Size

2.4MB
MD5

5db8750d1ce3f96d06970fc42a093ba0
SHA1

35e3a77ffaf50b45a5a68a609c953d58b8acbf6d
SHA256

5c66bdcf661392648e532401c8e0b52ec29a5823a892677531df792aeaa06c63
SHA512

2c291e19892cc08b5368827baa4d4d53eb443cad7c2db04816f295532a1f51fed3f436256a9036a82605f4936aedca602a280020338ab8d5fda0b239d48e9377
SSDEEP

49152:3JE+h1YElLWSN4S/4u/FmgfFoGmXz1Y65HCqOPF7LSEybKy:Z5ZlLWSN4s42FoGmjpOPJxLy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.5db8750d1ce3f96d06970fc42a093ba0_JC.exe

Files

NEAS.5db8750d1ce3f96d06970fc42a093ba0_JC.exe
.exe windows:5 windows x86

ed62e59dd54a6022ad62d34f66bf9301

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut

ws2_32

closesocket

version

GetFileVersionInfoSizeA

rasapi32

RasHangUpA

kernel32

CreateFileMappingA

user32

GetClassInfoA

gdi32

DeleteDC

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueExA

shell32

Shell_NotifyIconA

ole32

CoTaskMemFree

oleaut32

VariantChangeType

comctl32

ImageList_GetIcon

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseFontA

msvcrt

malloc

psapi

GetMappedFileNameW

Sections

.text
Size: 968KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed62e59dd54a6022ad62d34f66bf9301

Headers

File Characteristics

Imports

iphlpapi

winmm

ws2_32

version

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

msvcrt

psapi

Sections

.text Size: 968KB - Virtual size: 2.8MB

.sedata Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 100KB - Virtual size: 100KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 968KB - Virtual size: 2.8MB

.sedata
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 100KB - Virtual size: 100KB

.sedata
Size: 4KB - Virtual size: 4KB