NEAS[.]6f86534b9fb8bc2eeeea787804da80d0_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.6f86534b9fb8bc2eeeea787804da80d0_JC.exe
Size

415KB
MD5

6f86534b9fb8bc2eeeea787804da80d0
SHA1

4f1e72fa45d1d1726bc5fce73341b455e0627b08
SHA256

b766cd18d32d1b669215a6641be40a371744d26f631ee9388005511a3b938964
SHA512

35fc8659ede0433b1806cdd4e2c2c8f95ca982ea9137c0869cceeb7520a5b1aee4f8b4a02a06ff754307615cf3597612eb9b93751cd3459dbee21db5f5f65c30
SSDEEP

12288:cNzlZAXUXzpA8Jr9j1nhv7cbYGCL7fMdTk:chMmW8xrnhTcYA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6f86534b9fb8bc2eeeea787804da80d0_JC.exe

Files

NEAS.6f86534b9fb8bc2eeeea787804da80d0_JC.exe
.dll windows:6 windows x86

6ec1b6b05b219bb02c165a7efc6c6592

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleHandleA
GetProcAddress
GetCurrentDirectoryA
GetTempPathA
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead

vcruntime140

_except_handler4_common
__std_type_info_destroy_list
_purecall
__std_terminate
__std_exception_copy
memset
memcpy
__RTDynamicCast
__CxxFrameHandler3
_CxxThrowException
strstr
__std_exception_destroy

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_seh_filter_dll
_errno
_configure_narrow_argv
_initterm
_initterm_e
_invalid_parameter_noinfo

api-ms-win-crt-string-l1-1-0

strcspn
isdigit
isprint
isalpha
strspn

api-ms-win-crt-convert-l1-1-0

atof
atoi

api-ms-win-crt-filesystem-l1-1-0

rename
remove
_stat64i32

api-ms-win-crt-stdio-l1-1-0

_sopen_dispatch
__stdio_common_vsscanf
_close
__stdio_common_vsprintf_s

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc

Exports

Exports

BIBUtilsGetVersion
BIBUtilsInitialize
BIBUtilsTerminate

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 267KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ec1b6b05b219bb02c165a7efc6c6592

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 267KB - Virtual size: 268KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 267KB - Virtual size: 268KB