NEAS[.]c78c7771ba701f307ded23f030092d60_JC[.]exe

General

Target

NEAS.c78c7771ba701f307ded23f030092d60_JC.exe
Size

149KB
MD5

c78c7771ba701f307ded23f030092d60
SHA1

2f6416249f178b24505a0e8200224376e3018753
SHA256

51753840ce5f7656f7f00c05ff64948f039977563402f0ef7596552198a2418c
SHA512

a90d44736200b0ddb29da55b6a29807681a5a542bea8b6813ef9e638616464cd30daa6466439a47cfadc52de65415f630f7d34d34871563a9ce1b7b5e86d3c04
SSDEEP

3072:xqfRweGqLdqjJCD78NLN4NFm3sjpCe2lQBV+UdE+rECWp7hK7X:xuRwRqLdqjJWq4NF/pCEBV+UdvrEFp7I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c78c7771ba701f307ded23f030092d60_JC.exe

Files

NEAS.c78c7771ba701f307ded23f030092d60_JC.exe
.exe windows:1 windows x86

f7eda73160516f062459ef07c775e3c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCurrentProcess
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetProfileIntA
CloseHandle
GetVersionExA
OpenProcess
RtlUnwind
TerminateProcess
WaitForSingleObject
WideCharToMultiByte
lstrcpyA
lstrlenA

user32

GetWindowTextA
GetWindowThreadProcessId
DialogBoxParamA
EndDialog
DefDlgProcA
GetDlgItem
GetDialogBaseUnits
UpdateWindow
InvalidateRect
LoadCursorA
LoadIconA
SendMessageA
FindWindowExA
RegisterClassA
PostMessageA
EnumWindows

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

comctl32

InitCommonControls

crtdll

_iob
_itoa
__GetMainArgs
_open
_stricmp
_strnicmp
atol
exit
fputc
free
localeconv
malloc
memcpy
memmove
memset
pow
raise
realloc
signal
strcat
strchr
strrchr
strtol
wcslen
wctomb
_close

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 85KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f7eda73160516f062459ef07c775e3c7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

crtdll

Sections

.text Size: 29KB - Virtual size: 29KB

.bss Size: - Virtual size: 85KB

.data Size: 4KB - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 29KB - Virtual size: 29KB

.bss
Size: - Virtual size: 85KB

.data
Size: 4KB - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 34KB - Virtual size: 34KB