Static task: static1
Behavioral task: behavioral1
Sample: NEAS.657ae2a159456772d9d0567d04e08370_JC.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: NEAS.657ae2a159456772d9d0567d04e08370_JC.exe
Resource: win10v2004-20231023-en
General
Target: NEAS.657ae2a159456772d9d0567d04e08370_JC.exe
Size: 1004KB
MD5: 657ae2a159456772d9d0567d04e08370
SHA1: 7b7fa9f5f542ef24ce7596722649cb11bd2a3fa0
SHA256: 9b4e0442db98a92e4eddce151553133f5354efbb13ae40bb3a2bb8325ecf8680
SHA512: 85cf40c9d848046d6ab8a4d29d5cf03bbc4d6a3c593c8cdff7a55f1a4ee5dfc52dfbd42a25fe439f31d86b7c0a5d1fd1ba34982c9b3d926ee5b4864b7fff3975
SSDEEP: 12288:ZJ9BLgYzT14DDM3nHc91vbE56F33CuCl+2r695MHDuEOIVg+yww6XuW:74M3Hc9Nke33q+2r6wuEO0vi
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: NEAS.657ae2a159456772d9d0567d04e08370_JC.exe
Files
NEAS.657ae2a159456772d9d0567d04e08370_JC.exe.exe windows:4 windows x86
864ba993057c1570acaaacbaaa6436aa
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeZoneInformation
GetOEMCP
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
GetFileType
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
HeapDestroy
HeapReAlloc
HeapSize
GetCPInfo
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetExitCodeThread
Sleep
ResumeThread
SuspendThread
CreateMutexA
LoadResource
FindResourceA
LockResource
GlobalFree
GlobalUnlock
GlobalLock
lstrcmpA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
SetLastError
FreeLibrary
GlobalAddAtomA
CreateEventA
SetThreadPriority
SetEvent
WaitForSingleObject
CloseHandle
GlobalAlloc
GetProfileStringA
HeapAlloc
RaiseException
ExitThread
CreateThread
HeapFree
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetVersionExA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetProcessVersion
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
SizeofResource
GlobalFlags
GlobalGetAtomNameA
MulDiv
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
GetShortPathNameA
GetStringTypeExA
GetThreadLocale
GlobalDeleteAtom
FindClose
GetVolumeInformationA
FindFirstFileA
LoadLibraryA
lstrcpyA
lstrlenA
MoveFileA
GetProcAddress
DeleteFileA
LockFile
SetEndOfFile
UnlockFile
SetStdHandle
SetFilePointer
WriteFile
GetSystemTime
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
lstrcpynA
GetFileAttributesA
GetVersion
lstrcatA
GetLocaleInfoA
GetLocaleInfoW
user32
ShowWindow
GetDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
IsIconic
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
GetDesktopWindow
DestroyMenu
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
wvsprintfA
IsZoomed
OffsetRect
ClientToScreen
PtInRect
GetClassNameA
InsertMenuA
DeleteMenu
GetMenuStringA
GetSysColorBrush
LoadStringA
DestroyIcon
FindWindowA
FillRect
WindowFromPoint
SetRect
InflateRect
GetDCEx
LockWindowUpdate
SetCapture
SetParent
AppendMenuA
GetSystemMenu
InvertRect
IsDialogMessageA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScreenToClient
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
CharUpperA
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
WaitMessage
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
GetFocus
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
SetCursor
ShowOwnedPopups
PostQuitMessage
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetMenu
CheckMenuItem
SendMessageA
ReleaseDC
LoadBitmapA
LoadIconA
LoadCursorA
PostThreadMessageA
IntersectRect
CopyRect
IsRectEmpty
KillTimer
SetTimer
InvalidateRect
UpdateWindow
PostMessageA
UnionRect
EnableWindow
MessageBoxA
IsChild
SetWindowTextA
GetCapture
GetMenuItemID
GetSubMenu
DefWindowProcA
ScrollWindow
IsWindowUnicode
DefDlgProcA
CharNextA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
gdi32
BitBlt
Rectangle
SetPixel
DeleteObject
CreateBitmap
SetTextColor
SetBkColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
SetWindowExtEx
ExcludeClipRect
IntersectClipRect
SelectClipRgn
CreateCompatibleDC
MoveToEx
LineTo
SetTextAlign
CreateCompatibleBitmap
CreateRectRgn
GetDeviceCaps
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPointA
GetTextMetricsA
StretchDIBits
CreateFontIndirectA
PatBlt
CreateRectRgnIndirect
SetRectRgn
CombineRgn
CreateDIBitmap
CreateSolidBrush
CreatePen
comdlg32
PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegCreateKeyExA
RegSetValueA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
GetFileSecurityA
SetFileSecurityA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
shell32
DragQueryFileA
ExtractIconA
SHGetFileInfoA
DragFinish
comctl32
ord17
ImageList_Destroy
wsock32
gethostname
gethostbyname
WSACleanup
WSAGetLastError
setsockopt
WSASetLastError
listen
WSAStartup
accept
inet_addr
ioctlsocket
htons
htonl
closesocket
recv
send
WSAAsyncSelect
inet_ntoa
socket
recvfrom
sendto
connect
ntohs
bind
Sections
.text Size: 322KB - Virtual size: 321KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 603KB - Virtual size: 602KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
XOR Size: - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE