NEAS[.]7b35e1d36ee11ab69d08b1c9e06751e0_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.7b35e1d36ee11ab69d08b1c9e06751e0_JC.exe
Size

6.6MB
MD5

7b35e1d36ee11ab69d08b1c9e06751e0
SHA1

e234052bab00b50c2f7af0df33b60cb7fa648975
SHA256

95ac5fce812b4f92864498be333129df4df46f237e87267755c8a1c861104c3c
SHA512

997a299876283d30ed89f7cc2732af078d4932b5d0a98825857e08ed10d8b39ea7216f86dda6f39c05326edceceac8b11cb2745829ab484b5d28af6073772953
SSDEEP

196608:UxqLELE+2QTXAuh0Jc8mGNpntRpwHLXpIgf8/IE3uHPi9c:GfE+drAuh0JcgHntcHLLf8AG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.7b35e1d36ee11ab69d08b1c9e06751e0_JC.exe

Files

NEAS.7b35e1d36ee11ab69d08b1c9e06751e0_JC.exe
.exe windows:6 windows x86

762c89e4dbd415d2a670d8a09d9bf840

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
VerifyVersionInfoW
CreateEventW
GetThreadPriority
WinExec
GetSystemDefaultLangID
GetDriveTypeW
EnumCalendarInfoW
GlobalLock
GetUserDefaultLCID
VirtualFree
ClearCommBreak
HeapDestroy
CreateProcessA
GetOverlappedResult
GetACP
GetCPInfoExW
FindNextFileA
LocalFree
SwitchToThread
CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
SetFilePointerEx
ReadFile
GetConsoleMode
FlushFileBuffers
GetOEMCP
FreeEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
GetFileType
GetStdHandle
HeapSize
GetModuleHandleExW
GetCurrentThreadId
GetProcessHeap
IsDebuggerPresent
IsValidLocale
LCMapStringW
GetProcAddress
GetModuleHandleW
TlsSetValue
TlsAlloc
Sleep
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapAlloc
RtlUnwind
RaiseException
GetCPInfo
HeapReAlloc
GetLastError
GetStringTypeW
DeleteCriticalSection
LeaveCriticalSection
DecodePointer
EncodePointer
EnumResourceNamesW
GetVersion
GetUserDefaultLangID
GetCurrentThread
SignalObjectAndWait
ExpandEnvironmentStringsW
DeleteFileA
ResumeThread
EnumSystemLocalesW
TlsFree
GetSystemTime
OpenFileMappingA
FileTimeToLocalFileTime
GetWindowsDirectoryW
CloseHandle
FindNextFileW
CreateFileMappingA
LoadLibraryA
GetLocalTime
FindClose
EnterCriticalSection
IsValidCodePage
GetThreadLocale
IsDBCSLeadByteEx
GetStartupInfoW
MultiByteToWideChar
ExitThread
GetTimeZoneInformation
GetModuleFileNameW
TerminateProcess
MulDiv
Beep
lstrcpynW
HeapCreate
CreateEventA
ReadProcessMemory
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
WideCharToMultiByte
GetConsoleCP
OpenProcess
GetCommandLineA
VirtualQueryEx
GetWindowsDirectoryA
GetPrivateProfileStringW
GetSystemTimeAsFileTime
GetTickCount
HeapFree
InitializeSListHead
WaitNamedPipeA
SystemTimeToFileTime
SetDllDirectoryW
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
SetErrorMode
GetSystemDefaultUILanguage
TlsGetValue
SetFilePointer
FindFirstFileW
GetEnvironmentVariableW
GetCommandLineW
WriteFile
ExitProcess

user32

CharUpperW
EndDialog
DestroyCaret
SendDlgItemMessageW
MessageBoxW
SetWindowTextA
GetDlgItemTextA
CheckMenuRadioItem
BeginPaint
CharNextW
RegisterWindowMessageW
IsZoomed
ShowCaret
GetCapture
InsertMenuW
GetWindowTextA
GetCaretBlinkTime
WaitMessage
IsRectEmpty
GetMessageTime
LoadIconA
DrawIconEx
GetKeyState
GetMonitorInfoW
GetMessageA
GetDlgItemTextW
ShowOwnedPopups
ClientToScreen
DestroyAcceleratorTable
SetWindowRgn
TrackPopupMenu
SetKeyboardState
RemovePropA
GetWindowInfo
MessageBeep
GetMenuStringW
CharLowerBuffW
SetParent
CreateMenu
GetWindowTextLengthA
DrawEdge
ModifyMenuW
GetQueueStatus
GetKeyboardState
GetWindowPlacement
SetWindowLongA
MessageBoxA
UnionRect
InvalidateRect
LoadMenuW
GetWindowLongW
GetWindowTextW
GetClassNameW
ReleaseDC
EnableMenuItem
MonitorFromWindow
DrawStateW
DestroyCursor
CheckDlgButton
GetSysColorBrush
GetMenuItemCount
CreateCaret
IsWindow
RemoveMenu
CheckRadioButton
ReleaseCapture
SendMessageW
EndMenu
LoadCursorA
DialogBoxParamA
SetDlgItemTextA
SetScrollInfo
ValidateRect
DestroyIcon

gdi32

SetViewportOrgEx
GetCharacterPlacementW
CreateHatchBrush
DeleteDC
Polygon
SetBkColor
CreatePalette
DeleteObject
CreatePenIndirect
CombineRgn
CreateBrushIndirect
Ellipse
SaveDC
StretchDIBits
GetObjectW
PatBlt
GetNearestPaletteIndex
GetCharWidth32A
GetTextExtentPointA
GetCharABCWidthsFloatA
CreatePen
SetTextAlign
EndDoc
UpdateColors
GetEnhMetaFileHeader
CopyEnhMetaFileA
CreateFontIndirectA
GetTextExtentPoint32W
BitBlt
SetLayout
SetWindowOrgEx
PolyPolygon
Arc
MoveToEx
CreatePolygonRgn
ExtCreatePen
GetBitmapBits
SetDIBColorTable
TextOutA
ExtTextOutA
RoundRect
SetPolyFillMode
OffsetRgn
Rectangle
SetStretchBltMode
CreateBitmap
GetPaletteEntries

comdlg32

GetOpenFileNameW

advapi32

LookupPrivilegeValueW
RegQueryValueExW
RegLoadKeyW
ControlService
GetLengthSid
RegSetKeySecurity
RegDeleteValueA
QueryServiceStatus
SetSecurityDescriptorDacl
RegQueryInfoKeyW
CloseServiceHandle
RegOpenKeyExA

shell32

SHGetFileInfoW
CommandLineToArgvW

ole32

CoTaskMemFree

oleaut32

SysFreeString
VariantInit
SysReAllocStringLen
SysAllocStringLen

Exports

Exports

?__dtzaucgyzvpiu@@YA_WXZ
?__gitjmvqpru@@YAMXZ
?__ibybnhbhs@@YAFXZ
?__poesbwxqhkmmz@@YAJXZ
?__tiodgsnizdg@@YAFXZ
?__wczxihwvzjv@@YAKXZ

Sections

.text
Size: 763KB - Virtual size: 763KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.info
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.info
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vunhjl
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.yrnjbd
Size: 512B - Virtual size: 99B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

762c89e4dbd415d2a670d8a09d9bf840

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 763KB - Virtual size: 763KB

.info Size: 512B - Virtual size: 10B

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 7KB - Virtual size: 6KB

.info Size: 2KB - Virtual size: 2KB

.vunhjl Size: 1KB - Virtual size: 1KB

.yrnjbd Size: 512B - Virtual size: 99B

.reloc Size: 20KB - Virtual size: 20KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 763KB - Virtual size: 763KB

.info
Size: 512B - Virtual size: 10B

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 7KB - Virtual size: 6KB

.info
Size: 2KB - Virtual size: 2KB

.vunhjl
Size: 1KB - Virtual size: 1KB

.yrnjbd
Size: 512B - Virtual size: 99B

.reloc
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 3KB - Virtual size: 2KB