NEAS[.]e9dadff23f73e67db16c3b5321a9bca0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e9dadff23f73e67db16c3b5321a9bca0_JC.exe
Size

459KB
MD5

e9dadff23f73e67db16c3b5321a9bca0
SHA1

96bcb2123f0ce5332c1619826205bd492e5b6c85
SHA256

71b7904d0d461e501daf7ed8fc8df628902f8334d60007fdba077274314a5eea
SHA512

f315d99909e9b5d3780af1297471c09d841477a069a486d58f1a9faa03e745ab4a7e1714cc4aff743c23025c4d2273095b3388f0a33018fccfad5fc267d624c9
SSDEEP

6144:dhKHlPZ5+h3E6S4pkXts3l89Qh0JRs+GicBOzyXF0duLI13UCQBuCk0a75kq7S3H:O5i3nCXx9YkGVOW1jOO617AHscPe7C7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e9dadff23f73e67db16c3b5321a9bca0_JC.exe

Files

NEAS.e9dadff23f73e67db16c3b5321a9bca0_JC.exe
.exe windows:4 windows x86

8e122868c596a2fdfada36c40130aecf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_amsg_exit
_initterm
free
_XcptFilter
srand
memmove
_vsnwprintf
_vsnprintf
memset
_memicmp
memcpy
malloc

kernel32

ReadFile
SetFilePointer
CloseHandle
CreateFileA
GetModuleFileNameA
GetModuleHandleA
UnmapViewOfFile
GetCurrentProcessId
CreateMutexA
CreateEventA
MapViewOfFile
GetLastError
CreateFileMappingA
ReleaseMutex
SetEvent
WaitForSingleObject
GetTickCount
CreateThread
ResetEvent
lstrlenA
Sleep
FreeLibrary
GetVersionExA
DuplicateHandle
GetCurrentProcess
LoadLibraryW
LoadLibraryA
InitializeCriticalSection
CreateEventW
CreateMutexW
CreateFileMappingW
OpenFileMappingW
OpenFileMappingA
CreateProcessW
CreateProcessA
GetCurrentDirectoryW
GetCurrentDirectoryA
DeleteCriticalSection
CompareStringA
GetProfileIntA
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
LocalFree
HeapAlloc
HeapFree
HeapReAlloc
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
ExitThread
WaitForMultipleObjects
OpenProcess
ResumeThread
TerminateProcess
GlobalFree
GlobalAlloc
ReleaseSemaphore
CreateSemaphoreA
InterlockedCompareExchange
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
CompareStringW
OpenFile
GetDriveTypeA
lstrcmpiA
lstrcmpA
LocalHandle
WinExec
GlobalAddAtomA
GlobalGetAtomNameA
GlobalFindAtomA
LocalAlloc
LocalLock
LocalUnlock
GlobalReAlloc
GlobalSize
GlobalDeleteAtom
MulDiv
GlobalLock
GlobalUnlock
GetCurrentThread
IsWow64Process
VirtualAlloc

rpcrt4

UuidCreate

advapi32

RegOpenKeyA
RegQueryInfoKeyW
RegDeleteKeyA
RegDeleteKeyW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteValueA
RegDeleteValueW
RegEnumValueA
RegEnumValueW
RegSetValueExA
RegSetValueExW
RegEnumKeyExA
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegEnumKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueA
OpenProcessToken
RegOpenUserClassesRoot
OpenThreadToken
SetThreadToken

winmm

timeGetDevCaps
timeKillEvent
timeSetEvent
timeGetTime

user32

EnumThreadWindows
DialogBoxParamA
GetPropA
SendDlgItemMessageA
GetDlgItemTextA
RemovePropA
EndDialog
LoadStringA
MessageBoxA
SetPropA
SetDlgItemTextA
IsWindowVisible
UnregisterClassA
RegisterClassA
EnumClipboardFormats
IsWindow
CloseClipboard
CharUpperBuffA
RegisterClipboardFormatA
GetClipboardFormatNameA
FreeDDElParam
PackDDElParam
GetWindowLongA
DefWindowProcA
CreateWindowExA
SetWindowLongA
SendMessageA
DestroyWindow
SetTimer
KillTimer
PostMessageA
UnpackDDElParam
GetClipboardData
SetClipboardData
GetDC
ReleaseDC
OpenClipboard
GetWindowThreadProcessId
IsClipboardFormatAvailable

gdi32

CopyEnhMetaFileA
GetEnhMetaFileBits
GetWinMetaFileBits
DeleteEnhMetaFile
DeleteObject
GetBitmapBits
GetObjectA
CreateBitmap
SetBitmapDimensionEx
SetBitmapBits
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
StretchBlt
SelectObject
GetEnhMetaFileHeader
SetWindowExtEx
PlayEnhMetaFileRecord
GetStockObject
StretchDIBits
RealizePalette
SelectPalette
CreatePalette
SetViewportExtEx
PlayMetaFileRecord
EnumEnhMetaFile
GetDIBits
EnumMetaFile
RestoreDC
IntersectClipRect
SaveDC
DeleteDC
CreateCompatibleDC
SetViewportOrgEx
SetMapMode
LPtoDP
DeleteMetaFile
CopyMetaFileA
CloseMetaFile
CreateMetaFileA
GetBitmapDimensionEx
SetEnhMetaFileBits
SetWindowOrgEx
SetWinMetaFileBits
Rectangle
GetMetaFileBitsEx
SetMetaFileBitsEx

mpr

WNetGetConnectionA
WNetAddConnectionA

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e122868c596a2fdfada36c40130aecf

Headers

File Characteristics

Imports

msvcrt

kernel32

rpcrt4

advapi32

winmm

user32

gdi32

mpr

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 21KB - Virtual size: 31KB

.rsrc Size: 396KB - Virtual size: 396KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 21KB - Virtual size: 31KB

.rsrc
Size: 396KB - Virtual size: 396KB