NEAS[.]514dced0b3d4e98035bf011043c354f0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.514dced0b3d4e98035bf011043c354f0_JC.exe
Size

144KB
MD5

514dced0b3d4e98035bf011043c354f0
SHA1

b95d5204cc2a5741e6d5a37ade082779f78ab184
SHA256

2269d2a5a5152ea6ce1081bf1494196e3586254284670fc9a57105e596d9007c
SHA512

ff60dbed4eeb43cb25bdb866821f91031fdae399a2de6d70af486676c4224e02ea59f3577d5932fec870f1068a857cf67f5c73cd7a6668f3d68f9c298849097d
SSDEEP

3072:hFbtrVPZq6KBAo/wbnYfsngFqZ0ouXLM5pXZRcLk33jJRiwV2:hP3q6KCnYfsgFI0OZuQ33jJRiwV2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.514dced0b3d4e98035bf011043c354f0_JC.exe

Files

NEAS.514dced0b3d4e98035bf011043c354f0_JC.exe
.exe windows:4 windows x86

24e5803aa951eea77e7957c261342bdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
SetThreadPriority
GetCurrentThread
GetCurrentProcessId
ExitProcess
GetFileAttributesA
CreateMutexA
GetDriveTypeA
GetLogicalDriveStringsA
FindClose
FindNextFileA
FindFirstFileA
HeapReAlloc
VirtualAlloc
VirtualFree
ExitThread
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetCurrentProcess
FreeLibrary
TerminateThread
CreateThread
lstrcmpiA
GetTickCount
GetLastError
GetFileSize
CloseHandle
RaiseException
GetLocalTime
lstrcpynA
GetSystemDirectoryA
CreateDirectoryA
lstrcmpA
GetComputerNameA
GetProcessTimes
CreateProcessA
GetVersionExA
GetTempFileNameA
GetTempPathA
WinExec
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetExitCodeThread
InitializeCriticalSection
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateEventA
SetEvent
WaitForSingleObject
RtlUnwind
MultiByteToWideChar
LCMapStringW
LCMapStringA
WideCharToMultiByte
HeapAlloc
HeapFree
DeleteFileA
GetSystemTime
ReadFile
lstrlenA
GlobalAlloc
SetFilePointer
WriteFile
GlobalFree
CreateFileA
Sleep
lstrcpyA
lstrcatA

user32

CharLowerA
wvsprintfA
wsprintfA

advapi32

RegOpenKeyExA
GetUserNameA
RegQueryValueExA
CloseEventLog
ReadEventLogA
OpenEventLogA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegCloseKey
InitializeAcl
IsValidAcl

ole32

CoInitialize
CoUninitialize
CoCreateGuid
StringFromCLSID
CoCreateInstance
CoInitializeSecurity

oleaut32

VariantInit
VariantClear

ws2_32

gethostbyname
WSACleanup
gethostname
inet_ntoa
htons
connect
recv
getpeername
send
setsockopt
accept
socket
closesocket
select
ioctlsocket
shutdown
WSAGetLastError
bind
listen
WSAStartup

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 33KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

24e5803aa951eea77e7957c261342bdd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ws2_32

Sections

.text Size: 110KB - Virtual size: 110KB

.data Size: 33KB - Virtual size: 51KB

.text
Size: 110KB - Virtual size: 110KB

.data
Size: 33KB - Virtual size: 51KB