Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.02305aba4c5b4c4d0ed7114f4536a570_JC.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: NEAS.02305aba4c5b4c4d0ed7114f4536a570_JC.exe
  Resource: win10v2004-20231025-en
General
Target: NEAS.02305aba4c5b4c4d0ed7114f4536a570_JC.exe
Size: 694KB
MD5: 02305aba4c5b4c4d0ed7114f4536a570
SHA1: 8ca1498509bde47a6346e39ce8c6fdbd966f2273
SHA256: b26515e45491630f1b330b1d793f277d4565ccbd4a4ac1c3ed3add913842b50a
SHA512: c08364c648a5810691688ae37aa92aa68ffa6b01363643d5da169dcea195d4fc0a7cd2022dfa20f1a484aac47c82bc41aa00e522cc17dad32119937685549146
SSDEEP: 12288:0fYQi86Nq4xyV/TyR6lfiAXFOuJDI9qMTHo6W4SyFHU3MLQD7hCP0m:Ozp6N7UV/OR6lfiAXFOulGq4o14SyFoZ
Malware Config
(none reported)
Signatures
Unsigned PE (1 IoC): rule checks for a missing Authenticode signature; it matched on:
  resource: NEAS.02305aba4c5b4c4d0ed7114f4536a570_JC.exe
Files
NEAS.02305aba4c5b4c4d0ed7114f4536a570_JC.exe.exe  windows:4 windows x86
  imphash: f2c2ee933fc09bdf4aa86fc9086747ce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalAlloc
LocalFree
SetStdHandle
RemoveDirectoryA
InterlockedDecrement
InitializeCriticalSection
FindFirstFileW
UnmapViewOfFile
GetCommandLineA
GetStringTypeW
GetFileType
GetEnvironmentStringsW
GetTickCount
GetLocalTime
MultiByteToWideChar
GetModuleHandleA
InterlockedCompareExchange
GetUserDefaultLCID
FreeEnvironmentStringsA
lstrcpynA
SetFileAttributesW
FatalAppExitA
HeapFree
lstrcmpiA
GetFileAttributesW
GetTimeZoneInformation
LocalReAlloc
lstrcpynW
LoadLibraryA
Sleep
lstrcatA
GetSystemDirectoryA
GetStringTypeA
UnlockFile
EnumSystemLocalesA
HeapCreate
DeleteFileA
VirtualAlloc
GetProfileStringA
GetFileTime
lstrcpyW
GetLastError
ExpandEnvironmentStringsW
IsBadWritePtr
QueryPerformanceFrequency
_lclose
MoveFileA
GlobalGetAtomNameA
CreateMutexA
LocalAlloc
GetPriorityClass
CreateProcessA
ExitProcess
GetFileInformationByHandle
GlobalFindAtomW
TlsAlloc
CreateFileMappingW
LCMapStringW
LeaveCriticalSection
ReadFile
GetModuleFileNameA
GetFullPathNameA
SizeofResource
SuspendThread
GetFileSize
CloseHandle
GlobalHandle
GetCurrentProcess
GetStartupInfoW
SetEndOfFile
VirtualProtect
FindResourceExW
SetFilePointer
GetProcAddress
SleepEx
OpenFile
VirtualFree
CreateThread
GetLogicalDrives
GetFileAttributesA
FormatMessageA
GetSystemTime
SetFileTime
FileTimeToSystemTime
GetProcessVersion
EnterCriticalSection
SetErrorMode
FindClose
lstrcatW
DuplicateHandle
lstrcpyA
SearchPathA
FileTimeToLocalFileTime
QueryPerformanceCounter
GetExitCodeProcess
VirtualQuery
lstrcmpA
FileTimeToDosDateTime
GetConsoleMode
TlsGetValue
LoadResource
CompareStringA
CopyFileA
FindNextFileW
WriteFile
SystemTimeToFileTime
FindResourceA
WideCharToMultiByte
GetFullPathNameW
TerminateThread
RaiseException
SetHandleCount
FlushFileBuffers
GetLocaleInfoW
PeekNamedPipe
TerminateProcess
GetVolumeInformationA
CreateDirectoryW
DeleteCriticalSection
CreateDirectoryA
GetTimeFormatA
CompareStringW
GetThreadLocale
LockResource
GlobalLock
GetModuleFileNameW
lstrcmpW
GetConsoleCP
GetConsoleOutputCP
TlsSetValue
AreFileApisANSI
GetCommandLineW
lstrlenA
CreateFileA
GetEnvironmentVariableA
WriteConsoleA
GetOEMCP
MulDiv
GetCurrentDirectoryA
GetDriveTypeW
GlobalAddAtomW
TlsFree
LoadLibraryW
GlobalFree
InterlockedIncrement
RtlUnwind
GlobalDeleteAtom
IsBadStringPtrA
HeapAlloc
OpenMutexA
SetLastError
LCMapStringA
GlobalFlags
GetEnvironmentStrings
ResumeThread
GetVersionExA
GetSystemTimeAsFileTime
EnumResourceLanguagesA
GlobalUnlock
HeapReAlloc
GetCurrentThread
_lwrite
MoveFileW
CreateToolhelp32Snapshot
GetCurrentProcessId
CreateFileW
GetTempPathA
InterlockedExchange
WritePrivateProfileStringA
OpenProcess
HeapDestroy
SetHandleInformation
GetDiskFreeSpaceExA
ReleaseSemaphore
WaitForSingleObject
GetCurrentThreadId
FreeLibrary
SetEnvironmentVariableA
GetPrivateProfileSectionA
GetShortPathNameA
GetLocaleInfoA
GlobalFindAtomA
CreateEventA
FreeEnvironmentStringsW
GetCPInfo
GetStartupInfoA
WriteConsoleW
lstrlenW
FindFirstChangeNotificationW
GetStdHandle
GetVersion
GlobalReAlloc
GetTempFileNameA
UnhandledExceptionFilter
GetExitCodeThread
LockFile
_lopen
ExitThread
GetUserDefaultLangID
FreeResource
IsDebuggerPresent
GetWindowsDirectoryA
WinExec
ole32
OleSetContainedObject
CLSIDFromString
CoMarshalInterThreadInterfaceInStream
ReadClassStg
CreateFileMoniker
OleRegEnumVerbs
OleInitialize
OleGetClipboard
ReadFmtUserTypeStg
ProgIDFromCLSID
StgIsStorageFile
StgCreateDocfile
CoRegisterClassObject
CoInitializeEx
CoTaskMemAlloc
CoLockObjectExternal
GetRunningObjectTable
OleLockRunning
OleTranslateAccelerator
CoGetClassObject
StringFromGUID2
WriteFmtUserTypeStg
CreateOleAdviseHolder
CoFreeUnusedLibraries
OleSaveToStream
OleRun
OleDuplicateData
CoCreateInstance
StringFromCLSID
CreateGenericComposite
CoUninitialize
CLSIDFromProgID
OleLoad
OleDestroyMenuDescriptor
CoTaskMemRealloc
OleQueryLinkFromData
OleUninitialize
OleSetClipboard
OleCreateMenuDescriptor
DoDragDrop
OleCreateStaticFromData
OleRegGetMiscStatus
SetConvertStg
CoRevokeClassObject
WriteClassStg
CoInitialize
CoDisconnectObject
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
OleFlushClipboard
CreateItemMoniker
RevokeDragDrop
CoLoadLibrary
IsAccelerator
CreateStreamOnHGlobal
ReleaseStgMedium
OleQueryCreateFromData
GetHGlobalFromILockBytes
CoGetMalloc
CoTreatAsClass
CreateBindCtx
StgOpenStorage
WriteClassStm
CoTaskMemFree
OleIsRunning
CreateDataAdviseHolder
StgCreateDocfileOnILockBytes
OleRegGetUserType
RegisterDragDrop
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
GetHGlobalFromStream
comctl32
ImageList_Add
ImageList_GetImageCount
ImageList_Draw
CreateStatusWindowW
ImageList_Remove
ImageList_BeginDrag
ImageList_EndDrag
ImageList_Replace
ImageList_SetBkColor
ImageList_DragMove
ImageList_Create
ImageList_DragLeave
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_GetIcon
ImageList_DrawIndirect
PropertySheetA
ImageList_LoadImageA
ord17
ImageList_DrawEx
ImageList_Write
ImageList_Destroy
ImageList_GetIconSize
ImageList_LoadImageW
DestroyPropertySheetPage
ImageList_Read
ImageList_SetDragCursorImage
CreatePropertySheetPageA
ImageList_DragEnter
comdlg32
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleA
PrintDlgA
GetFileTitleW
ChooseColorA
PageSetupDlgA
CommDlgExtendedError
GetSaveFileNameA
gdi32
ExtTextOutA
Arc
GetNearestPaletteIndex
CreateCompatibleBitmap
SetAbortProc
CreateFontA
PtInRegion
SetBoundsRect
ExtFloodFill
SetDIBitsToDevice
SetTextColor
GetDeviceCaps
PlayEnhMetaFile
SetViewportExtEx
CreateHalftonePalette
GetTextFaceW
CreateEllipticRgn
GetStockObject
SetArcDirection
PolylineTo
GetCharABCWidthsFloatA
OffsetWindowOrgEx
StretchBlt
GetSystemPaletteEntries
GetTextFaceA
PlgBlt
CreateSolidBrush
CreateDIBitmap
SetTextCharacterExtra
EndPage
ResetDCA
GetCharWidthA
CreateRectRgn
CreateBitmap
SetBitmapBits
GdiFlush
UnrealizeObject
SetPixelV
GetPixel
SetWindowExtEx
SetMiterLimit
IntersectClipRect
ScaleViewportExtEx
SetViewportOrgEx
ExtCreatePen
GetDIBits
StartDocA
TextOutA
CreateFontW
InvertRgn
AbortPath
GetStretchBltMode
ExtEscape
GetBrushOrgEx
GetTextCharacterExtra
SaveDC
CreateHatchBrush
CreateFontIndirectA
LineTo
GetPolyFillMode
CopyMetaFileW
GetColorAdjustment
SelectPalette
DrawEscape
PolyPolyline
GdiComment
GetArcDirection
GetMapMode
SelectClipRgn
RectVisible
CloseEnhMetaFile
RestoreDC
Rectangle
Ellipse
AnimatePalette
GetTextColor
CreatePolygonRgn
DeleteDC
CreateDIBSection
AngleArc
PolyBezier
GetClipRgn
WidenPath
GetViewportExtEx
UpdateColors
PaintRgn
Escape
CreateRectRgnIndirect
SetBkMode
SetPolyFillMode
CreateDCW
StrokeAndFillPath
BeginPath
SelectClipPath
FloodFill
GetRegionData
EnumFontFamiliesExA
CreateEnhMetaFileA
GetAspectRatioFilterEx
LPtoDP
RealizePalette
GetBkColor
GetCharWidthFloatA
SetROP2
GetGlyphOutlineA
OffsetClipRgn
GetCurrentPositionEx
SetTextJustification
GetBoundsRect
GetRgnBox
FillPath
CreateBrushIndirect
GetCurrentObject
SelectObject
StartDocW
PatBlt
AbortDoc
GetClipBox
GetNearestColor
DeleteMetaFile
GetBitmapBits
GetTextAlign
CreatePatternBrush
SetStretchBltMode
GetViewportOrgEx
CreateFontIndirectW
ScaleWindowExtEx
SetPaletteEntries
MoveToEx
GetTextExtentPoint32A
ExtCreateRegion
EqualRgn
EnumObjects
FrameRgn
GetOutlineTextMetricsA
DPtoLP
SetTextAlign
CloseMetaFile
GetTextMetricsA
SetRectRgn
GetTextExtentExPointA
StrokePath
OffsetRgn
SetBkColor
GetDCOrgEx
GetTextCharsetInfo
CreateDCA
DeleteObject
PlayMetaFile
RectInRegion
ExtTextOutW
SetGraphicsMode
PolyPolygon
CopyMetaFileA
Polygon
SetMapMode
CreateICA
CreatePenIndirect
EndPath
PolyBezierTo
Polyline
GetTextExtentPointA
ExtSelectClipRgn
CreatePen
CreateEllipticRgnIndirect
Chord
StretchDIBits
CombineRgn
SetDIBColorTable
ResizePalette
MaskBlt
StartPage
OffsetViewportOrgEx
SetBrushOrgEx
RoundRect
SetWindowOrgEx
GetCharABCWidthsA
GetTextMetricsW
CreateRoundRectRgn
GetKerningPairsA
CreateDiscardableBitmap
GetWindowExtEx
EnumFontFamiliesA
GetPaletteEntries
CreatePalette
ExcludeClipRect
GetObjectA
CreateMetaFileA
PtVisible
GetTextExtentPoint32W
EndDoc
SetPixel
CreateCompatibleDC
GetObjectW
BitBlt
GetMiterLimit
GetBkMode
user32
ModifyMenuW
GetDoubleClickTime
LoadStringA
AppendMenuW
LoadCursorW
MessageBoxW
IsWindowUnicode
DestroyMenu
IsChild
ShowCaret
ShowScrollBar
DrawStateA
EmptyClipboard
SetCursor
CopyRect
SetRectEmpty
GetSysColor
GetMenu
DrawFocusRect
DdeConnect
InvalidateRgn
LoadAcceleratorsW
PeekMessageA
SetWindowTextA
LoadMenuW
ScreenToClient
GetCaretBlinkTime
GetMessageA
MonitorFromPoint
GetClassInfoA
ReleaseDC
GetClassLongA
GetWindowTextLengthA
LoadAcceleratorsA
SetScrollInfo
UnregisterClassA
GetKeyState
WaitMessage
DeleteMenu
TrackPopupMenuEx
SendDlgItemMessageW
LoadBitmapA
DeferWindowPos
GetDC
CopyImage
SendMessageA
RegisterClassA
UnhookWindowsHookEx
WinHelpA
ModifyMenuA
CreateDialogIndirectParamW
ScrollWindow
GetMessagePos
TrackPopupMenu
KillTimer
PostThreadMessageA
GetParent
CharUpperA
SetForegroundWindow
GetMenuDefaultItem
CallWindowProcA
SetWindowContextHelpId
DefDlgProcA
CheckMenuRadioItem
LoadIconA
ExcludeUpdateRgn
SetWindowsHookExA
IsDialogMessageW
WinHelpW
BeginDeferWindowPos
CopyAcceleratorTableA
PtInRect
PostMessageA
RegisterWindowMessageA
SetWindowPlacement
UnionRect
TabbedTextOutA
LoadImageA
UnregisterClassW
GetWindow
HideCaret
GetKeyboardLayout
CreateWindowExW
GetMenuItemCount
GetDlgItem
SetScrollRange
WindowFromDC
SetParent
CreateWindowExA
EndDialog
IsMenu
ValidateRect
MessageBoxA
SetMenuItemBitmaps
GetMenuItemInfoA
SetDlgItemInt
GetMenuItemInfoW
GetDlgCtrlID
GetWindowLongA
DrawTextA
CreateCaret
DrawStateW
EnableWindow
GetCursorPos
FrameRect
TranslateAcceleratorA
DrawIcon
MsgWaitForMultipleObjects
UnpackDDElParam
FillRect
IsWindowVisible
SubtractRect
BeginPaint
GetDCEx
SetMenu
GetMenuCheckMarkDimensions
GetActiveWindow
CreateDialogParamA
IsDlgButtonChecked
SetActiveWindow
GetAsyncKeyState
InflateRect
LoadImageW
PeekMessageW
CheckRadioButton
ClientToScreen
CharNextA
GetWindowTextA
GetClassInfoExA
EndPaint
FindWindowA
RegisterClassExA
RegisterClipboardFormatA
EndDeferWindowPos
SendMessageW
MessageBeep
IsWindow
GrayStringA
LoadBitmapW
RemovePropA
EnumClipboardFormats
CallNextHookEx
GetMenuItemID
CharLowerW
SetTimer
SetWindowRgn
SetWindowPos
RedrawWindow
SetMenuDefaultItem
GetClassNameA
wsprintfA
CharUpperBuffW
GetIconInfo
GetNextDlgGroupItem
SetCapture
EnumWindows
GetTopWindow
GetClientRect
DrawTextW
GetClassInfoW
UpdateWindow
GetPropA
TranslateMessage
RegisterClassW
DispatchMessageA
DestroyWindow
AppendMenuA
GetDesktopWindow
ReplyMessage
GetMessageTime
PostQuitMessage
LoadCursorA
IntersectRect
SystemParametersInfoA
GetFocus
ReleaseCapture
SetClassLongA
CharUpperW
IsDialogMessageA
DrawEdge
SendDlgItemMessageA
ShowWindow
GetLastActivePopup
GetKeyboardState
GetWindowTextW
GetWindowRect
DrawMenuBar
InsertMenuA
GetSysColorBrush
SetFocus
AdjustWindowRectEx
GetWindowDC
CharLowerA
GetForegroundWindow
GetSubMenu
GetMenuState
GetScrollRange
PostThreadMessageW
IsRectEmpty
GetMessageW
EnableMenuItem
LockWindowUpdate
DestroyAcceleratorTable
SetWindowLongA
DestroyIcon
IsIconic
MapVirtualKeyExA
GetDlgItemInt
InvalidateRect
GetNextDlgTabItem
GetWindowPlacement
DestroyCursor
GetCursor
DrawTextExA
MonitorFromWindow
EnumChildWindows
SetCursorPos
HiliteMenuItem
CopyIcon
CheckMenuItem
OffsetRect
SetClipboardData
MapWindowPoints
GetTabbedTextExtentA
GetCapture
GetScrollPos
IsClipboardFormatAvailable
MapDialogRect
RemovePropW
DefWindowProcW
IsWindowEnabled
GetSystemMetrics
SetWindowTextW
GetSystemMenu
DefWindowProcA
SetRect
EqualRect
ExitWindowsEx
CharNextW
OemToCharA
RegisterClassExW
CallWindowProcW
CreateMenu
IsZoomed
shell32
SHGetPathFromIDListA
ShellExecuteExA
SHChangeNotify
SHGetFileInfoA
Shell_NotifyIconA
SHBrowseForFolderA
DragFinish
SHGetMalloc
ShellExecuteW
ShellExecuteA
ord155
SHGetSpecialFolderLocation
DragQueryFileW
ExtractIconA
DragQueryFileA
SHGetDesktopFolder
SHFileOperationA
ExtractIconExA
DragAcceptFiles
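The 32-hex value printed under Files is the sample's import hash (imphash), derived from the import table listed above. Of the names in that table, CreateToolhelp32Snapshot and OpenProcess (process enumeration), WinExec, CreateProcessA and ShellExecute (process launch), IsDebuggerPresent and ExitWindowsEx are the ones a triager would look at first, with the caveat that every one of them also appears in ordinary GUI applications and the table as a whole is dominated by OLE, common-control and GDI drawing APIs. The following is an added example (not part of the report and not code from the sandbox) showing how an imphash is computed from an import table and why it is order-sensitive; the import list inside it is a constructed subset of the names above, so it illustrates the algorithm rather than reproducing the report's value.

```python
import hashlib

# Import table in report order. Constructed subset of the names listed in the report;
# the real table has several hundred entries, so this block does not reproduce
# the report's imphash, only the algorithm behind it.
IMPORTS = [
    ("KERNEL32.dll", ["GlobalAlloc", "LocalFree", "SetStdHandle",
                      "CreateToolhelp32Snapshot", "OpenProcess", "WinExec"]),
    ("ole32.dll", ["OleSetContainedObject", "CLSIDFromString", "CoCreateInstance"]),
    ("COMCTL32.dll", ["ImageList_Add", 17, "InitCommonControlsEx"]),  # 17: import by ordinal, shown as ord17
    ("SHELL32.dll", ["ShellExecuteExA", 155, "DragAcceptFiles"]),      # 155: import by ordinal, shown as ord155
]


def normalize_imports(imports):
    """Flatten an import table into the 'dll.func' tokens that imphash is computed over."""
    tokens = []
    for dll, funcs in imports:
        name = dll.lower()
        # The reference implementation strips only these extensions from the module name
        for ext in (".dll", ".ocx", ".sys"):
            if name.endswith(ext):
                name = name[:-len(ext)]
                break
        for func in funcs:
            # Imports by ordinal hash as 'ordN'. pefile additionally maps ordinals to
            # names for ws2_32, wsock32 and oleaut32; none of those appear here, so
            # that lookup is omitted in this illustration.
            token = f"ord{func}" if isinstance(func, int) else func.lower()
            tokens.append(f"{name}.{token}")
    return tokens


def imphash(imports):
    """MD5 over the comma-joined tokens, in import-table order."""
    return hashlib.md5(",".join(normalize_imports(imports)).encode("ascii")).hexdigest()


def reordered(imports):
    """Same API set with the modules in a different order: imphash changes."""
    return list(reversed(imports))


def api_set_hash(imports):
    """Order-insensitive alternative (not imphash): hash the sorted set of tokens.
    Useful when the question is 'same capabilities?' rather than 'same linker layout?'."""
    joined = "\n".join(sorted(set(normalize_imports(imports))))
    return hashlib.sha256(joined.encode("ascii")).hexdigest()


if __name__ == "__main__":
    print("imphash      :", imphash(IMPORTS))
    print("reordered    :", imphash(reordered(IMPORTS)))
    print("api-set hash :", api_set_hash(IMPORTS) == api_set_hash(reordered(IMPORTS)))
```

Because imphash depends on the order the linker emitted the import descriptors, it is good at clustering builds from the same source tree and toolchain and poor at matching a recompiled or repacked variant; when pivoting on it, pair it with an order-insensitive capability hash like the one above.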
Sections
Name    Size   Virtual size  Flags
.text   72KB   72KB          IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  459KB  459KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   139KB  149KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   21KB   21KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
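Three of the report's findings come straight from the PE headers: the "Unsigned PE" signature (no certificate table in the security data directory), the File Characteristics bitfield, and the per-section flags. The following is an added example, not code from the report or the sandbox, that parses those fields from a PE32 image with only the standard library; the two images it parses are constructed in the block (one mirrors this report's characteristics value 0x010F and four sections, the other is a contrast case with a certificate table and an RWX section) and are header-only, not runnable executables. Two caveats a practitioner would want: a non-empty certificate table only means a WIN_CERTIFICATE blob is embedded, and the chain still has to be verified (signtool verify /pa or PowerShell's Get-AuthenticodeSignature), while files signed via a catalogue carry no embedded blob at all; and the 10KB gap between .data's raw and virtual size is simply zero-filled at load, whereas a code section whose raw size is far below its virtual size, together with a near-empty import table, would point to a packer. Here .text is 72KB on disk and in memory and the import table is large, so the layout does not suggest packing.

```python
import struct

# Bit values for the flags named in the report's "File Characteristics" and "Sections" blocks
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot for the Authenticode certificate table
COFF_FMT = "<HHIIIHH"        # Machine, NumberOfSections, TimeDateStamp, PtrToSymTab, NumSyms, SizeOfOptHdr, Characteristics
SECTION_FMT = "<8sIIIIIIHHI"  # Name, VirtualSize, VirtualAddress, SizeOfRawData, PtrToRawData, ..., Characteristics


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def build_pe32(file_chars, sections, security=(0, 0)):
    """Build a header-only PE32 image (constructed test input, not a real executable)."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack(COFF_FMT, 0x014C, len(sections), 0, 0, 0, 224, file_chars)
    # PE32 optional header: Magic 0x10B, 90 bytes of fields not needed here, NumberOfRvaAndSizes, 16 directories
    opt = struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16)
    dirs = [(0, 0)] * 16
    dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = security
    opt += b"".join(struct.pack("<II", off, size) for off, size in dirs)
    hdrs = b"".join(
        struct.pack(SECTION_FMT, name.encode().ljust(8, b"\0"), vsize, 0x1000 * (i + 1),
                    rawsize, 0x400, 0, 0, 0, 0, chars)
        for i, (name, vsize, rawsize, chars) in enumerate(sections)
    )
    return dos + b"PE\0\0" + coff + opt + hdrs


def parse_pe32(data):
    """Return file characteristics, section flags and whether a certificate table is present."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff_off = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, file_chars = struct.unpack_from(COFF_FMT, data, coff_off)
    opt_off = coff_off + 20
    if struct.unpack_from("<H", data, opt_off)[0] != 0x10B:
        raise ValueError("only PE32 (32-bit) images handled here")
    # The security directory's first field is a file offset (not an RVA) of the WIN_CERTIFICATE blob.
    # Both fields zero means no embedded Authenticode signature, which is what "Unsigned PE" reports.
    n_dirs = struct.unpack_from("<I", data, opt_off + 92)[0]
    cert_off = cert_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        cert_off, cert_size = struct.unpack_from(
            "<II", data, opt_off + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsect):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            SECTION_FMT, data, opt_off + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "vsize": vsize, "rawsize": rawsize,
                         "flags": flag_names(chars, SECTION_CHARACTERISTICS)})
    return {"machine": machine, "file_flags": flag_names(file_chars, FILE_CHARACTERISTICS),
            "has_cert_table": cert_off != 0 and cert_size != 0, "sections": sections}


def wx_sections(parsed):
    """Sections mapped writable and executable: a common packer / self-modifying-code tell."""
    return [s["name"] for s in parsed["sections"]
            if "IMAGE_SCN_MEM_EXECUTE" in s["flags"] and "IMAGE_SCN_MEM_WRITE" in s["flags"]]


# Constructed to mirror the report: characteristics 0x010F, the four listed sections, no certificate table
REPORT_LIKE = build_pe32(0x010F, [
    (".text", 72 * 1024, 72 * 1024, 0x60000020),
    (".rdata", 459 * 1024, 459 * 1024, 0x40000040),
    (".data", 149 * 1024, 139 * 1024, 0xC0000040),
    (".rsrc", 21 * 1024, 21 * 1024, 0x40000040),
])
# Constructed contrast case: a certificate table present and a single RWX section
SIGNED_RWX = build_pe32(0x0102, [(".text", 0x1000, 0x1000, 0xE0000020)], security=(0x2000, 0x800))

if __name__ == "__main__":
    for label, img in (("report-like", REPORT_LIKE), ("signed+rwx", SIGNED_RWX)):
        p = parse_pe32(img)
        print(label, p["file_flags"], "cert table:", p["has_cert_table"], "RWX:", wx_sections(p))
```

To run the same checks against the real sample, read the file as bytes and pass it to parse_pe32; the parser handles PE32 only, which matches this x86 sample, and deliberately stops at the headers rather than walking the import or resource directories.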