NEAS[.]c10a062e07d50948f5bc349d21b938e0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c10a062e07d50948f5bc349d21b938e0_JC.exe
Size

8.8MB
MD5

c10a062e07d50948f5bc349d21b938e0
SHA1

d06979de18c0a6e53046cced5455c7cb9a8fbbc1
SHA256

f6efa258c86027e7fb2372d23257206132a010c09c5a77f57f3513aa6bd51c10
SHA512

21fa20f8a05294f0ccb7ef74eb4c34cb1ca6dfd37148b84c75be95654027c8fe9d8a28d2d6aef76b22ab854074c59b2e449710efaeba892871693267e4af56d1
SSDEEP

98304:omBMQypb1h8WaA/lfn3+prMGFY+Jx7aoqxkKOmvwobZbD3ET8J2lS6aqKnwYfIN:mHPh8ZDpgGW+Jx7BqDb4mGYlfY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c10a062e07d50948f5bc349d21b938e0_JC.exe

Files

NEAS.c10a062e07d50948f5bc349d21b938e0_JC.exe
.dll windows:5 windows x86

b47bd7c48b0d485ac5d9faa4ecbf6178

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersion
GetVersionExW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

winspool.drv

DocumentPropertiesW

comctl32

ImageList_GetImageInfo

shell32

Shell_NotifyIconW

ole32

IsEqualGUID

version

GetFileVersionInfoSizeW

user32

CopyImage

oleaut32

SafeArrayPutElement

netapi32

NetWkstaGetInfo

advapi32

RegSetValueExW

gdi32

Pie

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
ovpfkenabcvj

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 29KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wjoglyc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wjoglyc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wjoglyc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 460KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b47bd7c48b0d485ac5d9faa4ecbf6178

Headers

File Characteristics

Imports

kernel32

winspool.drv

comctl32

shell32

ole32

version

user32

oleaut32

netapi32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.itext Size: 16KB - Virtual size: 15KB

.data Size: 75KB - Virtual size: 75KB

.bss Size: - Virtual size: 29KB

.idata Size: 14KB - Virtual size: 13KB

.didata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 176B

.rdata Size: 512B - Virtual size: 69B

.wjoglyc Size: 1.7MB - Virtual size: 1.7MB

.wjoglyc Size: 3KB - Virtual size: 2KB

.wjoglyc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 460KB - Virtual size: 460KB

.rsrc Size: 124KB - Virtual size: 124KB

.text
Size: 4.9MB - Virtual size: 4.9MB

.itext
Size: 16KB - Virtual size: 15KB

.data
Size: 75KB - Virtual size: 75KB

.bss
Size: - Virtual size: 29KB

.idata
Size: 14KB - Virtual size: 13KB

.didata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 176B

.rdata
Size: 512B - Virtual size: 69B

.wjoglyc
Size: 1.7MB - Virtual size: 1.7MB

.wjoglyc
Size: 3KB - Virtual size: 2KB

.wjoglyc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 460KB - Virtual size: 460KB

.rsrc
Size: 124KB - Virtual size: 124KB