NEAS[.]051608328b9921bf5bf1ad85a08caf70_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.051608328b9921bf5bf1ad85a08caf70_JC.exe
Size

119KB
MD5

051608328b9921bf5bf1ad85a08caf70
SHA1

9a72e46f57518c6c52e346a9166aaeb46b2c7de8
SHA256

4178aa0cb45e151316a8c2e845a80cd239df472bf743dc42e6f3eeb42357b27d
SHA512

b15dd5d00903c489d2f8c61363fe5299875aa581897508e5d7caf63306b1f9affdddeaaf6e1bf19f53ae465d9cca087c345a47c3f734aeb66142861dad32d0bf
SSDEEP

3072:i5K8+jGod+t0IB6B0fPf0h2oRZPYsmNC9U449A59HMQ9xnGkRm8tG:i5ua+IVfPfiPYTC9UXmVbkJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.051608328b9921bf5bf1ad85a08caf70_JC.exe

Files

NEAS.051608328b9921bf5bf1ad85a08caf70_JC.exe
.exe windows:6 windows x86

0c45f3b0f2ac80f582cbe69fcb1ea23f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetProcAddress
GetModuleHandleW
CloseHandle
Sleep
GetLastError
CreateFileA
GetCurrentProcessId
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileAttributesExA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
UnhandledExceptionFilter

msvcrt

_open_osfhandle
ctime
time
_read
_write
_close
_lseek
remove
_strnicmp
_eof
_open
fclose
fprintf
fopen
_ftol2_sse
clock
atoi
setvbuf
_iob
_vsnprintf
_stat
_unlink
_errno
_mkdir
_tempnam
fwrite
fread
ferror
feof
tolower
__getmainargs
_cexit
_exit
_XcptFilter
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_controlfp
_ltoa_s
memset
isdigit
toupper
__doserrno
atol
strchr
strncmp
strspn
_stricmp
memcpy
strpbrk
printf
malloc
_strdup
free
exit
memmove

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

user32

CharNextExA

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jbkhmes
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0c45f3b0f2ac80f582cbe69fcb1ea23f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

version

user32

Sections

.text Size: 82KB - Virtual size: 82KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 31KB - Virtual size: 32KB

jbkhmes Size: - Virtual size: 4KB

.text
Size: 82KB - Virtual size: 82KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 31KB - Virtual size: 32KB

jbkhmes
Size: - Virtual size: 4KB