NEAS[.]e62f8c8e697c402fcf980eaf9904c020[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e62f8c8e697c402fcf980eaf9904c020.exe
Size

323KB
MD5

e62f8c8e697c402fcf980eaf9904c020
SHA1

6d872aac884ac396bd1f99fa72aa2b9f8a5d3b83
SHA256

00e906238d877dbf3e01ca06d4499340ea5f6aad7d825482cc761db6017e6f78
SHA512

a174d816493924e72f94065fcc0e746008a557c8351cab95bc9e89f5e1ba148362dcdd2987da86fa29b1d672cdd5b8ca70a7f35ff04cba6677e0871e118ce1a7
SSDEEP

6144:4wT+lSj4xIHpmkVl6/HM3ma1mOZO1l4HUYKHQLeE3:bql1xqpd8fMMnlbY6QLeq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e62f8c8e697c402fcf980eaf9904c020.exe

Files

NEAS.e62f8c8e697c402fcf980eaf9904c020.exe
.exe windows:4 windows x86

8a132b8ec41571004acc993507fcfbce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FreeLibrary
GetCommandLineW
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LocalFree
MultiByteToWideChar
OpenProcess
PeekNamedPipe
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_fmode
_ftime64
_initterm
_iob
_lock
_onexit
_setjmp3
time
localtime
gmtime
calloc
exit
fclose
ferror
fflush
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getc
getchar
getenv
islower
isspace
isupper
isxdigit
localeconv
malloc
memcmp
memcpy
memset
perror
qsort
realloc
setlocale
setvbuf
signal
strchr
strcmp
strcspn
strerror
strftime
strlen
strncat
strncmp
strrchr
strstr
strtok
strtol
strtoul
_strdup
_unlock
abort
atoi
tolower
ungetc
vfprintf
wcslen
longjmp
_read
_kbhit
_getch

ole32

CoTaskMemFree

psapi

GetProcessMemoryInfo

shell32

CommandLineToArgvW

user32

GetShellWindow

avcodec-56

av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_codec_get_lowres
av_codec_is_decoder
av_codec_is_encoder
av_codec_next
av_codec_set_chroma_intra_matrix
av_copy_packet_side_data
av_dup_packet
av_free_packet
av_get_audio_frame_duration
av_get_exact_bits_per_sample
av_init_packet
av_log_ask_for_sample
av_packet_get_side_data
av_packet_new_side_data
av_packet_rescale_ts
av_packet_split_side_data
av_parser_change
av_parser_close
av_parser_init
avcodec_alloc_context3
avcodec_close
avcodec_configuration
avcodec_copy_context
avcodec_decode_audio4
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_default_get_buffer2
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_encode_audio2
avcodec_encode_subtitle
avcodec_encode_video2
avcodec_find_best_pix_fmt_of_2
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_free_context
avcodec_get_class
avcodec_get_context_defaults3
avcodec_get_frame_class
avcodec_get_name
avcodec_open2
avcodec_register_all
avcodec_version
avpicture_fill
avsubtitle_free

avdevice-56

av_input_audio_device_next
av_input_video_device_next
av_output_audio_device_next
av_output_video_device_next
avdevice_configuration
avdevice_free_list_devices
avdevice_list_devices
avdevice_register_all
avdevice_version

avfilter-5

av_buffersink_get_frame_flags
av_buffersink_get_frame_rate
av_buffersink_set_frame_size
av_buffersrc_add_frame_flags
av_buffersrc_add_ref
av_buffersrc_get_nb_failed_requests
avfilter_configuration
avfilter_get_by_name
avfilter_get_class
avfilter_graph_alloc
avfilter_graph_alloc_filter
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_free
avfilter_graph_parse2
avfilter_graph_queue_command
avfilter_graph_request_oldest
avfilter_graph_send_command
avfilter_graph_set_auto_convert
avfilter_init_str
avfilter_inout_free
avfilter_link
avfilter_link_get_channels
avfilter_next
avfilter_pad_count
avfilter_pad_get_name
avfilter_pad_get_type
avfilter_register_all
avfilter_version

avformat-56

av_codec_get_id
av_codec_get_tag2
av_dump_format
av_filename_number_test
av_find_input_format
av_format_set_audio_codec
av_format_set_subtitle_codec
av_format_set_video_codec
av_guess_codec
av_guess_format
av_guess_frame_rate
av_iformat_next
av_interleaved_write_frame
av_oformat_next
av_pkt_dump_log2
av_read_frame
av_register_all
av_sdp_create
av_stream_get_end_pts
av_stream_get_parser
av_stream_get_recommended_encoder_configuration
av_write_trailer
avformat_alloc_context
avformat_alloc_output_context2
avformat_close_input
avformat_configuration
avformat_find_stream_info
avformat_free_context
avformat_get_class
avformat_match_stream_specifier
avformat_network_deinit
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_query_codec
avformat_seek_file
avformat_version
avformat_write_header
avio_check
avio_close
avio_close_dyn_buf
avio_closep
avio_enum_protocols
avio_find_protocol_name
avio_flush
avio_open
avio_open2
avio_open_dyn_buf
avio_printf
avio_r8
avio_read
avio_seek
avio_size
avio_w8
avio_write

avutil-54

av_add_q
av_asprintf
av_bprint_chars
av_bprint_finalize
av_bprint_init
av_bprintf
av_buffer_create
av_buffer_default_free
av_calloc
av_compare_ts
av_dict_copy
av_dict_free
av_dict_get
av_dict_parse_string
av_dict_set
av_dict_set_int
av_expr_eval
av_expr_free
av_expr_parse
av_find_nearest_q_idx
av_fopen_utf8
av_force_cpu_flags
av_frame_alloc
av_frame_copy_props
av_frame_free
av_frame_get_best_effort_timestamp
av_frame_get_buffer
av_frame_get_channels
av_frame_get_pkt_duration
av_frame_move_ref
av_frame_ref
av_frame_unref
av_free
av_freep
av_get_bits_per_pixel
av_get_channel_description
av_get_channel_layout
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_known_color_name
av_get_media_type_string
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_name
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_standard_channel_layout
av_get_token
av_gettime_relative
av_image_copy_plane
av_log
av_log_default_callback
av_log_format_line
av_log_get_flags
av_log_get_level
av_log_set_callback
av_log_set_flags
av_log_set_level
av_malloc
av_mallocz
av_max_alloc
av_mul_q
av_opt_child_class_next
av_opt_eval_flags
av_opt_eval_int
av_opt_find
av_opt_get_int
av_opt_get_key_value
av_opt_ptr
av_opt_set
av_opt_set_dict
av_opt_set_dict2
av_opt_set_int
av_opt_show2
av_parse_cpu_caps
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_realloc
av_realloc_array
av_realloc_f
av_reallocp_array
av_reduce
av_rescale
av_rescale_delta
av_rescale_q
av_strcasecmp
av_strdup
av_strerror
av_strlcat
av_strlcatf
av_strlcpy
av_strstart
av_strtod
av_strtok
av_thread_message_queue_alloc
av_thread_message_queue_free
av_thread_message_queue_recv
av_thread_message_queue_send
av_thread_message_queue_set_err_recv
av_thread_message_queue_set_err_send
av_usleep
avutil_configuration
avutil_version

postproc-53

postproc_configuration
postproc_version

swresample-1

swr_alloc
swr_free
swr_get_class
swresample_configuration
swresample_version

swscale-3

sws_freeContext
sws_getContext
sws_get_class
sws_isSupportedInput
sws_isSupportedOutput
swscale_configuration
swscale_version

Sections

.text
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a132b8ec41571004acc993507fcfbce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

psapi

shell32

user32

avcodec-56

avdevice-56

avfilter-5

avformat-56

avutil-54

postproc-53

swresample-1

swscale-3

Sections

.text Size: 261KB - Virtual size: 260KB

.data Size: 512B - Virtual size: 232B

.rdata Size: 40KB - Virtual size: 39KB

.bss Size: - Virtual size: 4KB

.idata Size: 13KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 6KB - Virtual size: 6KB

.text
Size: 261KB - Virtual size: 260KB

.data
Size: 512B - Virtual size: 232B

.rdata
Size: 40KB - Virtual size: 39KB

.bss
Size: - Virtual size: 4KB

.idata
Size: 13KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 6KB - Virtual size: 6KB