Static task: static1
Behavioral task: behavioral1
Sample: NEAS.063a723e50465c57b50ddb0daf190b80_JC.exe
Resource: win7-20231023-en
General
Target: NEAS.063a723e50465c57b50ddb0daf190b80_JC.exe
Size: 1.3MB
MD5: 063a723e50465c57b50ddb0daf190b80
SHA1: 865e9173ba5752ac9d2c2d3a753cd38a90de50a0
SHA256: 69c15c990e262c6efe192ffd47e6dcb8ba8d122285dbe00988f3a9bab7fce967
SHA512: fe2f2758b0a3a5bfc25ce7aa9a27a4be719de2a7cac7358905a2255e5a0a72c17ff4c83976f747c74f77628a17dceaf89f33baaeebb942fe01f941e77dcc8741
SSDEEP: 24576:lF/tesVefRIshPOAR5v77odBhWpw2sgS1U8N7l/haK9qXVa9Eb495ONqnOy:YVjH/1pwD1XN3Z9wYnOy
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.063a723e50465c57b50ddb0daf190b80_JC.exe
Files
-
NEAS.063a723e50465c57b50ddb0daf190b80_JC.exe.exe windows:5 windows x86
7bc3cb5133ce52d7b20648fd139355c8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Process32NextW
Module32FirstW
Module32NextW
FileTimeToSystemTime
GetTempPathW
GetDiskFreeSpaceW
GetLocalTime
FileTimeToLocalFileTime
GetVersionExW
lstrcpynW
lstrcpyW
lstrlenA
FreeResource
GetFileAttributesExW
GlobalSize
WritePrivateProfileStringW
TerminateProcess
FormatMessageW
GetShortPathNameW
GetLogicalDrives
GetDriveTypeW
GetVolumeInformationW
GetStartupInfoW
MoveFileW
lstrcatW
MulDiv
GetFileTime
GetDateFormatW
GetTimeFormatW
GetPrivateProfileStringW
LoadLibraryA
CopyFileW
CompareFileTime
FlushFileBuffers
GetSystemInfo
SetFilePointerEx
GetTempFileNameW
IsBadReadPtr
Process32FirstW
SetEnvironmentVariableA
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
CreateToolhelp32Snapshot
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
QueryPerformanceCounter
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetModuleFileNameA
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
VirtualQuery
VirtualProtect
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSizeEx
CreateMutexW
GetEnvironmentVariableW
SetEnvironmentVariableW
TlsFree
TlsAlloc
OpenThread
TlsSetValue
TlsGetValue
ReleaseMutex
CreateFileA
GetSystemTimeAsFileTime
OutputDebugStringW
GetSystemTime
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
OpenMutexW
GetFileAttributesW
MoveFileExW
SetEndOfFile
SetFilePointer
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateProcessW
CreateDirectoryW
WideCharToMultiByte
CompareStringW
ResetEvent
SetEvent
CreateThread
CreateEventW
Sleep
GetTickCount
SetLastError
GetCommandLineW
ReadFile
GetFileSize
WriteFile
GetStdHandle
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryExW
lstrcmpiW
SetFileAttributesW
RemoveDirectoryW
WaitForSingleObject
GetModuleHandleW
SetPriorityClass
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
MultiByteToWideChar
LocalFree
GetLastError
FindNextFileW
FindClose
FindFirstFileW
DeleteFileW
LoadLibraryW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
ExitProcess
CreateFileW
DeviceIoControl
CloseHandle
GetCurrentProcessId
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
GlobalFree
RaiseException
GetVersion
GetModuleFileNameW
FindResourceExW
FindResourceW
LoadResource
GetPrivateProfileIntW
LockResource
SizeofResource
user32
MoveWindow
EnableWindow
IsWindowEnabled
WindowFromPoint
SetCursor
ClientToScreen
LoadImageW
FillRect
UpdateWindow
ReleaseCapture
SetCapture
GetCapture
PtInRect
DeleteMenu
GetMenuItemInfoW
InsertMenuW
InflateRect
GetSysColor
GetWindowDC
GetSystemMetrics
GetSysColorBrush
InsertMenuItemW
GetFocus
ReleaseDC
UnregisterClassA
GetDC
GetClientRect
SendMessageW
GetParent
InvalidateRect
PostMessageW
SetWindowRgn
SetWindowLongW
EndDialog
GetWindowLongW
KillTimer
MapWindowPoints
GetCursorPos
EndPaint
GetKeyState
IsDialogMessageW
LockWindowUpdate
SetParent
IsClipboardFormatAvailable
GetMenuState
RegisterClipboardFormatW
GetClipboardData
IsIconic
EnableMenuItem
GetMenuStringW
wvsprintfW
SetRectEmpty
BeginPaint
SetTimer
LoadCursorW
SetWindowTextW
AppendMenuW
GetMessagePos
DrawEdge
SystemParametersInfoW
GetDlgItemInt
SetDlgItemInt
GetClassInfoW
RegisterClassW
GetIconInfo
DrawTextW
CopyRect
GetDlgCtrlID
FrameRect
AdjustWindowRectEx
IsRectEmpty
GetScrollPos
GetScrollInfo
ScrollWindow
SetScrollPos
ShowScrollBar
ScreenToClient
wsprintfW
MonitorFromPoint
GetMenuItemCount
CreatePopupMenu
SetPropW
GetPropW
PostThreadMessageW
LoadIconW
SetWindowPos
GetWindowRect
GetMonitorInfoW
MonitorFromWindow
GetWindow
GetActiveWindow
DestroyIcon
ShowWindow
PostQuitMessage
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
SetActiveWindow
SetForegroundWindow
SetDlgItemTextW
GetDlgItem
SetFocus
BringWindowToTop
GetWindowTextW
GetWindowTextLengthW
IsDlgButtonChecked
SetScrollInfo
GetDesktopWindow
GetSubMenu
LoadMenuW
RedrawWindow
MessageBeep
GetMenuItemID
TrackPopupMenu
SetMenuDefaultItem
DialogBoxParamW
CreateDialogParamW
GetClassInfoExW
RegisterClassExW
FindWindowW
CharNextW
DestroyMenu
DestroyWindow
CreateWindowExW
IsWindow
MessageBoxW
MsgWaitForMultipleObjects
PeekMessageW
IsWindowUnicode
GetMessageW
GetMessageA
TranslateMessage
DispatchMessageW
DispatchMessageA
RegisterWindowMessageW
CallWindowProcW
DefWindowProcW
gdi32
GetTextMetricsW
DPtoLP
CreateDCW
GetBkColor
GetTextColor
EnumFontFamiliesExW
GetTextExtentPointA
GetTextMetricsA
RoundRect
CreatePenIndirect
GetCurrentObject
CreateSolidBrush
CreateFontW
SetTextColor
SetBkMode
GetDeviceCaps
CreatePatternBrush
CreateBitmap
PatBlt
ExtTextOutW
SetBkColor
StretchBlt
SetViewportOrgEx
BitBlt
CreatePolygonRgn
CreateRoundRectRgn
CombineRgn
CreateRectRgn
GetPixel
CreateCompatibleBitmap
SelectObject
DeleteDC
CreateCompatibleDC
GetObjectW
GetStockObject
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
comdlg32
ChooseFontW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
advapi32
RegQueryValueExA
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumKeyW
RegOpenKeyW
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetNamedSecurityInfoW
RegQueryValueExW
OpenProcessToken
GetTokenInformation
RegCloseKey
shell32
SHGetMalloc
SHGetDesktopFolder
SHChangeNotify
Shell_NotifyIconW
ord680
CommandLineToArgvW
ord4
ShellExecuteW
SHBindToParent
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
ord21
ord18
ord190
SHBrowseForFolderW
ord23
ord17
ord165
ShellExecuteExW
DragAcceptFiles
ord71
ord2
SHGetSpecialFolderPathW
ord152
SHFileOperationW
DragQueryFileW
DragQueryPoint
ord155
ord153
ole32
OleCreateStaticFromData
OleSetContainedObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleDuplicateData
ReleaseStgMedium
CreateStreamOnHGlobal
StgCreateDocfile
IIDFromString
DoDragDrop
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
oleaut32
VarUI4FromStr
SysAllocStringLen
SysAllocString
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysStringLen
VariantInit
SafeArrayCreateVector
OleTranslateColor
OleLoadPicture
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
shlwapi
StrCmpW
SHSetValueW
PathRenameExtensionW
StrRStrIW
PathSearchAndQualifyW
SHGetValueW
PathIsDirectoryW
PathCompactPathExW
PathAddExtensionW
PathRemoveFileSpecW
PathAppendW
PathCombineW
SHDeleteKeyW
PathFileExistsW
PathIsRelativeW
PathFindExtensionW
StrCmpIW
ord437
PathFindFileNameW
PathRemoveExtensionW
comctl32
ImageList_Draw
ImageList_Create
ImageList_Remove
ImageList_SetImageCount
ImageList_Replace
_TrackMouseEvent
InitCommonControlsEx
gdiplus
GdipSetInterpolationMode
GdipGraphicsClear
GdipGetImageGraphicsContext
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipBitmapSetResolution
GdipBitmapGetPixel
GdipBitmapUnlockBits
GdipBitmapSetPixel
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipGetImageHeight
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromScan0
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipDeleteGraphics
GdipGetImageWidth
GdipBitmapLockBits
Sections
.text Size: 884KB - Virtual size: 883KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 151KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 32KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 153KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 136KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE