NEAS[.]b8b7be8f8c40df57fdde3204d52b2f40_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b8b7be8f8c40df57fdde3204d52b2f40_JC.exe
Size

1.6MB
MD5

b8b7be8f8c40df57fdde3204d52b2f40
SHA1

d3b71eb2a66d095fa956b823437e5e6cc884220c
SHA256

70b74e33b42cb4a89ad65fae871cf6b7277fc3c04849a9f41b91885e480adbf3
SHA512

3e2276f1b67e9fc914b0a9eca2df3fd4c443f21b0784762e1fa02234ff45d23044dff2e11178284a5afc2d098097a09a63c69fd3124cfd01488f6b4c7417f167
SSDEEP

24576:+y3oVzUzYq6ImwaCZDVFnvhYAARAOS3ugMot5lYQuu6j+vI4PQQ0cb7c77:QV7R0egol4QQ0C7cn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b8b7be8f8c40df57fdde3204d52b2f40_JC.exe

Files

NEAS.b8b7be8f8c40df57fdde3204d52b2f40_JC.exe
.exe windows:4 windows x86

fe6310484e2b7a19978d7075ce89d4ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
HeapReAlloc
HeapSize
CreateThread
ExitThread
SetStdHandle
GetFileType
FatalAppExitA
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
RaiseException
GetCPInfo
HeapAlloc
HeapFree
GetEnvironmentStrings
LCMapStringA
TerminateProcess
GetStdHandle
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
VirtualAlloc
UnhandledExceptionFilter
ExitProcess
SuspendThread
SetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetSystemTime
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalUnlock
lstrcpynA
MulDiv
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
WaitForSingleObject
GetModuleFileNameA
WinExec
GetModuleHandleA
OpenProcess
CloseHandle
OutputDebugStringA
GetVolumeInformationA
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateProcessA
GetTickCount
GetCurrentDirectoryA
GetDriveTypeA
OpenFile
GetLocalTime
RtlUnwind
GetTimeZoneInformation
IsBadReadPtr
GlobalGetAtomNameA
GetVersionExA
GlobalAddAtomA
FindNextFileA
SizeofResource
GetFileTime
WritePrivateProfileStringA
GetFileSize
GetFileAttributesA
CreateEventA
GetLocaleInfoW
SetThreadPriority
ResumeThread
SetEvent
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
GetProcessVersion
GlobalFlags
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
GetVersion
GlobalFree
LockResource
FindResourceA
LoadResource
GetFullPathNameA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
lstrcpyA
lstrcatA
SetErrorMode
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
CompareStringA
CompareStringW
GetEnvironmentStringsW
SetHandleCount
SetCurrentDirectoryA
Sleep

user32

IsDialogMessageA
ShowWindow
GetDesktopWindow
GetClassNameA
LoadCursorA
GetSysColorBrush
GetMessageA
ShowOwnedPopups
ClientToScreen
DestroyMenu
FillRect
OffsetRect
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IsWindowVisible
ScreenToClient
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
GetLastActivePopup
GetForegroundWindow
MapWindowPoints
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
SetWindowPos
RegisterWindowMessageA
BeginDeferWindowPos
EqualRect
AdjustWindowRectEx
DestroyWindow
IsWindowEnabled
GetSystemMetrics
CharUpperA
PostQuitMessage
GrayStringA
TabbedTextOutA
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetDC
ReleaseDC
SetWindowTextA
FindWindowA
GetWindowLongA
SetWindowLongA
SetFocus
KillTimer
SetTimer
LoadIconA
MessageBeep
TranslateMessage
PeekMessageA
DispatchMessageA
BeginPaint
EndPaint
GetActiveWindow
GetWindowRect
InvalidateRect
MoveWindow
UpdateWindow
GetCursorPos
PtInRect
SetCursor
SetRectEmpty
IntersectRect
GetAsyncKeyState
CheckDlgButton
EnableWindow
GetClientRect
ValidateRect
IsIconic
wsprintfA
SendDlgItemMessageA
SystemParametersInfoA
SetForegroundWindow
GetPropA
CreateDialogIndirectParamA
GetDlgItemInt
IsDlgButtonChecked
SetDlgItemInt
GetSysColor
InflateRect
LoadStringA
DialogBoxParamA
DrawTextA
EndDialog
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
SendMessageA
MessageBoxA
IsRectEmpty
PostMessageA
ShowCursor
CopyRect
SetRect
SetActiveWindow
EndDeferWindowPos
IsWindow
GetMenuCheckMarkDimensions
UnhookWindowsHookEx
DeferWindowPos
DestroyCursor
DrawFocusRect
FrameRect
DrawIcon
DestroyIcon
DrawEdge
DrawFrameControl
UnionRect
DestroyAcceleratorTable
SetCursorPos

gdi32

DeleteObject
BitBlt
StretchBlt
GetTextExtentPointA
CreateCompatibleDC
SetTextColor
SelectClipRgn
SetBkMode
CreateRectRgn
TextOutA
GetDeviceCaps
CreateBitmap
PatBlt
ExtTextOutA
SetBkColor
CreateFontIndirectA
DPtoLP
DeleteDC
SaveDC
RestoreDC
GetStockObject
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
MoveToEx
LineTo
CreatePen
CreateSolidBrush
PtVisible
RectVisible
GetObjectA
GetTextMetricsA
Escape
Rectangle
CreateCompatibleBitmap
CreateDCA
GetSystemPaletteEntries
CreateFontA
SelectObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Create

winmm

joyGetPosEx
mciSendCommandA
timeGetTime
joyGetDevCapsA
joyGetNumDevs

mss32

_AIL_shutdown@0
_AIL_set_XMIDI_master_volume@8
_AIL_startup@0
_AIL_midiOutOpen@12
_AIL_end_sequence@4
_AIL_sequence_status@4
_AIL_resume_sequence@4
_AIL_stop_sequence@4
_AIL_set_sequence_loop_count@8
_AIL_XMIDI_master_volume@4
_AIL_start_sequence@4
_AIL_release_sequence_handle@4
_AIL_init_sequence@12
_AIL_allocate_sequence_handle@4

smackw32

ord14
ord32
ord27
ord17
ord18
ord21
ord38
ord28
ord23
ord19

wsock32

recv
gethostbyname
send
closesocket
htonl
socket
gethostname
recvfrom
inet_ntoa
WSAAsyncSelect
accept
inet_addr
WSAGetLastError
WSASetLastError
connect
ioctlsocket
sendto
htons
bind

wininet

InternetSetFilePointer
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetStatusCallback
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

dsound

DirectSoundCreate

ddraw

DirectDrawCreate

dplayx

ord1
ord2

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 357KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe6310484e2b7a19978d7075ce89d4ec

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

winmm

mss32

smackw32

wsock32

wininet

version

dsound

ddraw

dplayx

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 90KB - Virtual size: 90KB

.data Size: 74KB - Virtual size: 143KB

.idata Size: 10KB - Virtual size: 10KB

.rsrc Size: 37KB - Virtual size: 37KB

.text Size: 357KB - Virtual size: 360KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 90KB - Virtual size: 90KB

.data
Size: 74KB - Virtual size: 143KB

.idata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 37KB - Virtual size: 37KB

.text
Size: 357KB - Virtual size: 360KB