NEAS[.]15cf4fb0633f77473f349dfb7f2c72e0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.15cf4fb0633f77473f349dfb7f2c72e0.exe
Size

2.7MB
MD5

15cf4fb0633f77473f349dfb7f2c72e0
SHA1

1387bf3dea8eb684a500ed3303148ce4becac27b
SHA256

915e7a9ba41a26b6ecd8a06ebabb9bf8b3a5a5e7d6bddf5190bba647995550f4
SHA512

c0ad476dc54219c32455f29f5c43e95bc301822aec9c402cdb3bc04c2531776c25539e0bc4778ddbc363b6120dc09d8aa1045e7abab89c781e7a6bef5afa8525
SSDEEP

49152:4E5HkGU6Yi1icOwPRTt3ZLlfhj9nJ7VHR7ce1NOCNaP38rygITDDOWWj5FCuyOQa:4j0z19OwPRTt3ZLlfhj9nJ7VHR7ce1N3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.15cf4fb0633f77473f349dfb7f2c72e0.exe

Files

NEAS.15cf4fb0633f77473f349dfb7f2c72e0.exe
.exe windows:4 windows x86

7b54d941d1d43d55dae0e4c872cc20fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte
lstrlenW

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_findclose
_findfirst
_fmode
_fullpath
_getcwd
_initterm
_iob
_lock
_onexit
_setjmp3
_setmode
_sopen
_stat
time
mktime
localtime
gmtime
_stricmp
_unlock
calloc
clock
exit
fclose
feof
ferror
fflush
fgetc
fgets
fopen
fprintf
fputc
fputs
fread
free
freopen
fseek
ftell
fwrite
getc
getenv
isalnum
isalpha
iscntrl
isgraph
islower
ispunct
isspace
isupper
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
printf
puts
qsort
rand
realloc
remove
rename
rewind
setlocale
signal
sprintf
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strspn
strstr
strtok
abort
atan
system
time
tolower
toupper
vfprintf
_findnext
longjmp
_open
_mkdir
_fdopen
_close

opengl32

glBindTexture
glBlendFunc
glClear
glClearColor
glCullFace
glDisable
glDrawArrays
glEnable
glGenTextures
glGetIntegerv
glGetString
glTexImage2D
glTexParameteri
glViewport
wglGetCurrentDC
wglGetProcAddress

shell32

SHGetFolderPathW
ShellExecuteA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile

holoplaycore

hpc_InitializeApp
hpc_CloseApp
hpc_GetStateAsJSON
hpc_GetNumDevices
hpc_GetDevicePropertyScreenW
hpc_GetDevicePropertyScreenH
hpc_GetDevicePropertyPitch
hpc_GetDevicePropertyCenter
hpc_GetDevicePropertyTilt

sdl2

SDL_ClearError
SDL_CreateRGBSurfaceFrom
SDL_CreateRenderer
SDL_CreateTexture
SDL_CreateThread
SDL_CreateWindow
SDL_Delay
SDL_DestroyRenderer
SDL_DestroyTexture
SDL_DestroyWindow
SDL_DetachThread
SDL_FreeSurface
SDL_GL_CreateContext
SDL_GL_DeleteContext
SDL_GL_MakeCurrent
SDL_GL_SetAttribute
SDL_GL_SwapWindow
SDL_GameControllerAddMapping
SDL_GameControllerClose
SDL_GameControllerGetAttached
SDL_GameControllerGetAxis
SDL_GameControllerGetButton
SDL_GameControllerGetJoystick
SDL_GameControllerMapping
SDL_GameControllerNameForIndex
SDL_GameControllerOpen
SDL_GetAudioDriver
SDL_GetClipboardText
SDL_GetCurrentAudioDriver
SDL_GetCurrentDisplayMode
SDL_GetCurrentVideoDriver
SDL_GetDesktopDisplayMode
SDL_GetDisplayBounds
SDL_GetDisplayMode
SDL_GetDisplayName
SDL_GetError
SDL_GetKeyFromScancode
SDL_GetKeyboardFocus
SDL_GetKeyboardState
SDL_GetModState
SDL_GetMouseState
SDL_GetNumAudioDrivers
SDL_GetNumDisplayModes
SDL_GetNumRenderDrivers
SDL_GetNumVideoDisplays
SDL_GetNumVideoDrivers
SDL_GetRenderDriverInfo
SDL_GetRendererInfo
SDL_GetScancodeName
SDL_GetTicks
SDL_GetVersion
SDL_GetVideoDriver
SDL_GetWindowID
SDL_GetWindowPosition
SDL_GetWindowSize
SDL_GetWindowSurface
SDL_HasClipboardText
SDL_Init
SDL_InitSubSystem
SDL_IsGameController
SDL_JoystickClose
SDL_JoystickGetAxis
SDL_JoystickGetButton
SDL_JoystickInstanceID
SDL_JoystickNameForIndex
SDL_JoystickNumAxes
SDL_JoystickNumBalls
SDL_JoystickNumButtons
SDL_JoystickOpen
SDL_LockAudio
SDL_LockSurface
SDL_Log
SDL_NumJoysticks
SDL_OpenAudio
SDL_PauseAudio
SDL_PollEvent
SDL_RaiseWindow
SDL_RenderClear
SDL_RenderCopy
SDL_RenderPresent
SDL_SetClipboardText
SDL_SetHint
SDL_SetRenderDrawColor
SDL_SetWindowGrab
SDL_SetWindowIcon
SDL_SetWindowTitle
SDL_ShowCursor
SDL_UnlockAudio
SDL_UnlockSurface
SDL_UpdateTexture
SDL_UpdateWindowSurface
SDL_WarpMouseInWindow
SDL_free
SDL_setenv

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 265.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b54d941d1d43d55dae0e4c872cc20fa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

opengl32

shell32

wininet

holoplaycore

sdl2

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.data Size: 15KB - Virtual size: 14KB

.rdata Size: 291KB - Virtual size: 290KB

.bss Size: - Virtual size: 265.5MB

.idata Size: 8KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

/4 Size: 1KB - Virtual size: 1KB

/19 Size: 330KB - Virtual size: 329KB

/31 Size: 16KB - Virtual size: 15KB

/45 Size: 17KB - Virtual size: 17KB

/57 Size: 5KB - Virtual size: 4KB

/70 Size: 3KB - Virtual size: 2KB

/81 Size: 32KB - Virtual size: 32KB

/92 Size: 1KB - Virtual size: 1KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 15KB - Virtual size: 14KB

.rdata
Size: 291KB - Virtual size: 290KB

.bss
Size: - Virtual size: 265.5MB

.idata
Size: 8KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

/4
Size: 1KB - Virtual size: 1KB

/19
Size: 330KB - Virtual size: 329KB

/31
Size: 16KB - Virtual size: 15KB

/45
Size: 17KB - Virtual size: 17KB

/57
Size: 5KB - Virtual size: 4KB

/70
Size: 3KB - Virtual size: 2KB

/81
Size: 32KB - Virtual size: 32KB

/92
Size: 1KB - Virtual size: 1KB