Static task
static1
Behavioral task
behavioral1
Sample
NEAS.67395ba2a9512dc9190284296e6657b7_JC.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.67395ba2a9512dc9190284296e6657b7_JC.exe
Resource
win10v2004-20231020-en
General
Target: NEAS.67395ba2a9512dc9190284296e6657b7_JC.exe
Size: 447KB
MD5: 67395ba2a9512dc9190284296e6657b7
SHA1: e38f1a276d21611e431a04145636c24b5810db6f
SHA256: 4986267a5d4e417d13c7953c799610e829d2d239e2c765329a55d3b365fce8ba
SHA512: 1741fba481ca83a86f68bfbaf017a3b3231c101be0f8090261d54301b6b0595b06a77654431b097ee87a4c9999483e2e9a6a2f46c3500717139830c5b5c8fd88
SSDEEP: 12288:sTXsAjOiXeepLTEMjBbV1KNI3OqtZITBN+uCyg7CuUXy:5MTEWBOuIVNJzgRU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.67395ba2a9512dc9190284296e6657b7_JC.exe
Files
NEAS.67395ba2a9512dc9190284296e6657b7_JC.exe.exe windows:4 windows x86
978779d23a419ccf2c2f0c2b5f95afe3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ExtractAssociatedIconA
RealShellExecuteExA
SHGetDesktopFolder
SHFileOperationA
ExtractIconExW
user32
SetClipboardViewer
CreateWindowExA
DdeQueryNextServer
SetWindowsHookExA
SetDeskWallpaper
SetWindowTextW
GetWindowLongW
SetWindowLongA
GetUpdateRect
GetWindowRgn
SetMenuItemInfoW
DrawStateA
wininet
InternetTimeToSystemTimeA
InternetWriteFileExW
InternetGetCookieA
GetUrlCacheEntryInfoW
UnlockUrlCacheEntryFileW
InternetErrorDlg
InternetDial
InternetSecurityProtocolToStringW
InternetSetCookieA
SetUrlCacheEntryGroupW
InternetCheckConnectionW
DeleteUrlCacheGroup
GopherGetAttributeW
LoadUrlCacheContent
comdlg32
ChooseColorA
PageSetupDlgA
ChooseFontA
GetOpenFileNameA
ChooseFontW
GetOpenFileNameW
FindTextW
GetFileTitleA
GetSaveFileNameA
ReplaceTextW
ReplaceTextA
kernel32
ExitProcess
GetDriveTypeW
HeapReAlloc
LeaveCriticalSection
GetNamedPipeHandleStateW
RemoveDirectoryA
TerminateProcess
IsBadWritePtr
GetUserDefaultLCID
TlsGetValue
GetSystemInfo
WideCharToMultiByte
GetTimeFormatA
HeapFree
FreeEnvironmentStringsA
SetEnvironmentVariableA
HeapSize
TlsFree
GetTickCount
VirtualAlloc
GetACP
VirtualProtect
HeapCreate
TlsAlloc
GetCurrentProcessId
LocalLock
LCMapStringW
TlsSetValue
DeleteCriticalSection
VirtualQuery
WaitForMultipleObjects
WriteFile
GetFileType
GetCPInfo
GetStartupInfoA
GetModuleHandleW
IsValidCodePage
GetLocaleInfoA
GetModuleFileNameA
LoadLibraryA
GetStringTypeExW
SetLastError
GetTimeZoneInformation
GetProcAddress
InitializeCriticalSection
OpenEventW
GetLocaleInfoW
GetEnvironmentStrings
GetLastError
HeapAlloc
FindClose
GetCurrentThreadId
CompareStringA
VirtualFree
GetModuleHandleA
QueryPerformanceCounter
LCMapStringA
CompareStringW
GetSystemTimeAsFileTime
MultiByteToWideChar
GetCurrentProcess
GetStdHandle
HeapDestroy
FreeEnvironmentStringsW
GetCurrentThread
EnterCriticalSection
GetOEMCP
GetDiskFreeSpaceExA
UnhandledExceptionFilter
EnumSystemLocalesA
GetStringTypeA
RtlUnwind
GlobalFree
GetEnvironmentStringsW
DeleteFiber
IsValidLocale
GetVersionExA
GetStringTypeW
GetCommandLineA
InterlockedExchange
GetConsoleMode
SetHandleCount
GlobalFlags
GetThreadLocale
GetDateFormatA
advapi32
CryptEnumProvidersW
RegConnectRegistryW
LookupSecurityDescriptorPartsW
CryptGenRandom
InitiateSystemShutdownW
CryptVerifySignatureA
RegRestoreKeyA
CryptReleaseContext
RegDeleteKeyW
RegLoadKeyA
RegSetValueW
RevertToSelf
CryptGetKeyParam
RegQueryValueExW
CryptSignHashA
CryptSetProvParam
ReportEventW
RegQueryValueA
StartServiceA
CryptDuplicateKey
RegEnumKeyW
DuplicateTokenEx
Sections
.text Size: 130KB - Virtual size: 130KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 309KB - Virtual size: 339KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ