NEAS[.]e455865074dc7a0be4eede03f8356c40_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e455865074dc7a0be4eede03f8356c40_JC.exe
Size

488KB
MD5

e455865074dc7a0be4eede03f8356c40
SHA1

4e26bf0faf813d95b9d20b7a4537aad9ec2f4f5b
SHA256

a94b7826757721c19435c42b3568d57e46b458a3b35339a97dd904dd04ddac92
SHA512

4b66f25ae2c263b8ad511170de188575f34598e21e64c751f7f1139676b5c421231b0db6b942c2fbfa796619dd8b276371ebfcba48383bbaa3c6f8a5c6e7e490
SSDEEP

6144:uzuqZTVfywD1kNXJYyxfdEawIXclG0ubld5kvY3BBXEuQo+uF2222222atttttt0:uKqZTVfvCNXJJFD1Rd5kDBuc31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e455865074dc7a0be4eede03f8356c40_JC.exe

Files

NEAS.e455865074dc7a0be4eede03f8356c40_JC.exe
.dll regsvr32 windows:4 windows x86

4b8a8b80f8af82a536b82e7e89bcc7c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
CreateMutexA
ReleaseMutex
GetFileAttributesA
GlobalMemoryStatus
GetVersion
WinExec
DeleteFileA
Sleep
CreateThread
TerminateThread
GetTempPathA
CreateDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetSystemDirectoryA
GetTempFileNameA
CopyFileA
MoveFileA
GetSystemDefaultLangID
GetSystemInfo
SleepEx
MapViewOfFile
UnmapViewOfFile
OpenFileMappingA
OpenMutexA
CompareStringA
FlushFileBuffers
ReadFile
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetStdHandle
LCMapStringW
LCMapStringA
SetFilePointer
GetStartupInfoA
GetStdHandle
SetHandleCount
HeapSize
GetCurrentProcessId
GetFileType
GetOEMCP
GetACP
GetCPInfo
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetCommandLineA
LocalFileTimeToFileTime
SetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocalTime
GetSystemTime
GetTimeZoneInformation
TerminateProcess
ExitProcess
GetDriveTypeA
GetFullPathNameA
SetEnvironmentVariableA
HeapReAlloc
HeapAlloc
RtlUnwind
HeapFree
SetCurrentDirectoryA
GetTickCount
WriteFile
SystemTimeToFileTime
GlobalFree
CreateFileA
GetFileSize
CloseHandle
GetVersionExA
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
CompareStringW
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
GetProcAddress
lstrcatA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
IsBadCodePtr
lstrlenW

user32

LoadCursorA
GetClassInfoExA
IsWindow
InvalidateRect
PtInRect
UnionRect
wsprintfA
GetSystemMetrics
UnhookWindowsHookEx
UnregisterClassA
CreateDialogParamA
SetWindowsHookExA
GetKeyState
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
RegisterClassExA
DefWindowProcA
DestroyWindow
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
CharNextA
IntersectRect
ShowWindow
CallNextHookEx
EnumChildWindows
GetClassNameA
IsDialogMessageA
EnableWindow
KillTimer
GetWindowTextA
GetWindowRect
AdjustWindowRectEx
GetDlgCtrlID
LoadImageA
GetWindow
LoadIconA
RegisterClassA
GetClassInfoA
GetWindowTextLengthA
LoadStringA
ExitWindowsEx
MessageBoxA
MoveWindow
SetTimer
FillRect
GetClipboardFormatNameA
DialogBoxParamA
IsDlgButtonChecked
EndDialog
GetDlgItem
SetWindowTextA
PostMessageA
GetParent
IsChild
GetFocus
SetFocus
SendMessageA
UpdateWindow
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA

gdi32

SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
CreateDCA
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
CreateMetaFileA
SetViewportOrgEx
DeleteDC
RestoreDC
UnrealizeObject
SelectPalette
CreatePalette
BitBlt
CreateCompatibleDC
ExtTextOutA
GetTextExtentPoint32A
SelectObject
SetBkMode
SetBkColor
SetTextColor
DeleteObject
CreateSolidBrush
GetStockObject
CreateFontIndirectA
SetWindowOrgEx
RealizePalette
GetObjectA

ole32

CoInitialize
CoUninitialize
CreateBindCtx
OleLoadFromStream
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateDataAdviseHolder

advapi32

RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

oleaut32

VariantInit
SysAllocStringLen
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringByteLen
VariantChangeType
VariantClear
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
RegisterTypeLi
VarUI4FromStr
SysFreeString
OleTranslateColor

wininet

DeleteUrlCacheEntry

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RelaxSecurity
SetupPlugin

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b8a8b80f8af82a536b82e7e89bcc7c0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

advapi32

version

oleaut32

wininet

Exports

Exports

Sections

.text Size: 236KB - Virtual size: 235KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 36KB - Virtual size: 118KB

.rsrc Size: 140KB - Virtual size: 137KB

.reloc Size: 28KB - Virtual size: 24KB

.text
Size: 236KB - Virtual size: 235KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 36KB - Virtual size: 118KB

.rsrc
Size: 140KB - Virtual size: 137KB

.reloc
Size: 28KB - Virtual size: 24KB