NEAS[.]1e0fe03f36694c3b45a3daec8cede8d0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1e0fe03f36694c3b45a3daec8cede8d0_JC.exe
Size

357KB
MD5

1e0fe03f36694c3b45a3daec8cede8d0
SHA1

2024a78fe0f42e985281e79e790cc3d8f739fa79
SHA256

1fa3e144dd0de38d3b55d9d650ca9d0e698cbda418985cfe66d322563e7a6b13
SHA512

c232b665375837b62ce77f51a89c36c22abbdeb7b63fde419a4a102067374eeef87f2e9cb0a95dc69743ee7ccc664a60f454a8d71e5cbefa87850ada0a70c250
SSDEEP

6144:TBYJdl2biRxvOCOxY2dMoaY/nQNZUHDXqN3UF9tvqH8UjUaFmVS9yBtHrl1OJ97s:TBgD2+bOyQP9/jHjqGpqH8vaAAmtlw9Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1e0fe03f36694c3b45a3daec8cede8d0_JC.exe

Files

NEAS.1e0fe03f36694c3b45a3daec8cede8d0_JC.exe
.exe windows:5 windows x86

58206be4c1052929a2c127f096bea7ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetDateFormatW
SetEvent
ConnectNamedPipe
QueryDosDeviceA
GetSystemTime
CreateEventW
LocalFileTimeToFileTime
LeaveCriticalSection
GetExitCodeProcess
FormatMessageA
GetCurrentThreadId
SetLastError
FlushFileBuffers
UnregisterWaitEx
GetCurrentProcess
SetFileAttributesA
GetThreadTimes
GetVersionExA
EnumSystemCodePagesW
SetFileTime
DeleteFileA
SystemTimeToFileTime
WriteFile
DeleteCriticalSection
GlobalDeleteAtom
EnumResourceTypesA
GetPrivateProfileIntW
EnterCriticalSection
GetFileAttributesA
Sleep
SetEnvironmentVariableA
CopyFileA
MoveFileA
GetProcessHeap
TerminateProcess
GetDiskFreeSpaceA
SetFilePointerEx
IsValidLanguageGroup
GetNumberFormatA
GlobalAddAtomA
GetCurrentDirectoryA
CreateFileA
GetEnvironmentVariableA
SetEndOfFile
CreateProcessA
WaitForMultipleObjects
GetFileSize
GlobalFindAtomA
DosDateTimeToFileTime
GetDriveTypeA
ConsoleMenuControl
LocalLock
GetShortPathNameW
GlobalGetAtomNameA
QueryPerformanceCounter
CopyFileExW
GetCurrentProcessId
GetTempFileNameA
RaiseException
OpenEventA
CreateNamedPipeA

ole32

CoRevokeClassObject
StgOpenStorage
OleDuplicateData
CoInitialize
CoUninitialize
OleSetClipboard
StgIsStorageFile

comctl32

ImageList_Remove
ImageList_Destroy
ImageList_Add
ImageList_Draw
InitCommonControls
ImageList_Create
ImageList_GetIconSize
ImageList_SetIconSize

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME
ImmGetContext

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

user32

DispatchMessageW
CreateWindowExW
GetMenuItemInfoW
SetCursor
GetFocus
ShowScrollBar
DefWindowProcW
ShowOwnedPopups
CharLowerBuffW
InsertMenuItemW
InsertMenuW
SetTimer
TabbedTextOutW
SetClassLongW
CharNextW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 326KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58206be4c1052929a2c127f096bea7ee

Headers

File Characteristics

Imports

kernel32

ole32

comctl32

imm32

rpcrt4

user32

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 5KB - Virtual size: 5KB

.rdata Size: 326KB - Virtual size: 335KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 5KB - Virtual size: 5KB

.rdata
Size: 326KB - Virtual size: 335KB