NEAS[.]8b10b1d6852b522bc3c81ab040cb8200[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.8b10b1d6852b522bc3c81ab040cb8200.exe
Size

476KB
MD5

8b10b1d6852b522bc3c81ab040cb8200
SHA1

8a912c6677598173207dc378948a846dc257c0b2
SHA256

fa437a7a2789d91756fc51bb4ea082a1db127870f5770c6797f4ea3054f27ca8
SHA512

65de704c206c3332c2a7dfa331e9ccb89d8e7c3c9fea01921ee85af2b4c0b550155b166a8db40a7b17394175571f3e449ac8bbd889a17bb92cc7902e496ad77e
SSDEEP

6144:NIQcX676lNkHPofkeAw42sonALoEmmHNp0nBSoYZyc0frXM8Il+pvgs1Gvz6ydyR:6KmlsPPb2son2VNpyBSo+uXw+lgTBi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8b10b1d6852b522bc3c81ab040cb8200.exe

Files

NEAS.8b10b1d6852b522bc3c81ab040cb8200.exe
.exe windows:4 windows x86

23e2ab6807a0314f652172bde2e9f8f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalFree
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_assert
_cexit
_chsize
_close
_errno
_fileno
_fstat
_chmod
_initterm
_iob
_mkdir
_mkdir
_onexit
_open
_setjmp3
_stat
_strdup
_stricmp
_strnicmp
_read
_utime
_vsnprintf
_waccess
_wchdir
_wfopen
_write
_wstat
abort
atoi
calloc
exit
fclose
feof
fflush
fgetc
fopen
fprintf
ftell
fread
free
freopen
fscanf
fseek
fwrite
isspace
localtime
longjmp
malloc
memset
mktime
memcmp
memcpy
memmove
perror
printf
puts
qsort
realloc
remove
signal
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
time
toupper
vfprintf
wcslen

shell32

CommandLineToArgvW

user32

GetKeyboardState
MessageBoxA
keybd_event

sdl2

SDL_ConvertSurface
SDL_ConvertSurfaceFormat
SDL_CreateRGBSurface
SDL_CreateRenderer
SDL_CreateTexture
SDL_CreateWindow
SDL_Delay
SDL_FillRect
SDL_FreeSurface
SDL_GameControllerClose
SDL_GameControllerFromInstanceID
SDL_GameControllerOpen
SDL_GameControllerRumble
SDL_GetCurrentDisplayMode
SDL_GetError
SDL_GetKeyboardState
SDL_GetMouseState
SDL_GetPerformanceCounter
SDL_GetPerformanceFrequency
SDL_GetPlatform
SDL_GetRendererInfo
SDL_GetVersion
SDL_GetWindowDisplayIndex
SDL_GetWindowFlags
SDL_HapticOpen
SDL_HapticRumbleInit
SDL_HapticRumblePlay
SDL_Init
SDL_IsGameController
SDL_JoystickOpen
SDL_JoystickRumble
SDL_LockAudio
SDL_LockSurface
SDL_MapRGB
SDL_MapRGBA
SDL_NumJoysticks
SDL_OpenAudio
SDL_PauseAudio
SDL_PollEvent
SDL_PushEvent
SDL_Quit
SDL_RWFromConstMem
SDL_RWFromMem
SDL_RWclose
SDL_RaiseWindow
SDL_RenderClear
SDL_RenderCopy
SDL_RenderGetLogicalSize
SDL_RenderGetScale
SDL_RenderGetViewport
SDL_RenderPresent
SDL_RenderSetLogicalSize
SDL_RestoreWindow
SDL_SetClipRect
SDL_SetColorKey
SDL_SetHint
SDL_SetMainReady
SDL_SetPaletteColors
SDL_SetSurfaceAlphaMod
SDL_SetSurfaceBlendMode
SDL_SetSurfacePalette
SDL_SetWindowFullscreen
SDL_SetWindowIcon
SDL_SetWindowPosition
SDL_SetWindowSize
SDL_ShowCursor
SDL_ShowSimpleMessageBox
SDL_UnlockAudio
SDL_UnlockSurface
SDL_UpdateTexture
SDL_UpperBlit
SDL_free
SDL_iconv_string
SDL_memcpy
SDL_memset
SDL_strlen
SDL_wcslen

sdl2_image

IMG_Load_RW
IMG_SavePNG

sdl2_mixer

Mix_AllocateChannels
Mix_FadeInMusic
Mix_FadeInMusicPos
Mix_FreeMusic
Mix_HaltMusic
Mix_HookMusicFinished
Mix_Init
Mix_LoadMUSType_RW
Mix_OpenAudio
Mix_PauseMusic
Mix_PlayMusic
Mix_PlayingMusic
Mix_Quit
Mix_ResumeMusic
Mix_VolumeMusic

Sections

.text
Size: 423KB - Virtual size: 422KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 43KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

23e2ab6807a0314f652172bde2e9f8f1

Headers

File Characteristics

Imports

kernel32

msvcrt

shell32

user32

sdl2

sdl2_image

sdl2_mixer

Sections

.text Size: 423KB - Virtual size: 422KB

.data Size: 12KB - Virtual size: 12KB

.rdata Size: 28KB - Virtual size: 27KB

.bss Size: - Virtual size: 43KB

.idata Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 423KB - Virtual size: 422KB

.data
Size: 12KB - Virtual size: 12KB

.rdata
Size: 28KB - Virtual size: 27KB

.bss
Size: - Virtual size: 43KB

.idata
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 4KB