NEAS[.]75cfb2926a33146e2cb9ee5ea69599c0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.75cfb2926a33146e2cb9ee5ea69599c0.exe
Size

78KB
MD5

75cfb2926a33146e2cb9ee5ea69599c0
SHA1

131f91c1ddc549b6ee8bf3b7a268b9824a7a9cbe
SHA256

9c77d06c0266144cb4d3edc7644cf875ddccc8e2e432505e8772f3c706c007c8
SHA512

dcc322303415723b84070acc291027c1dde748537fc69adf39f63fb051fe6ba178208e81d843c2d9e9487b4facaa6975c4ac9357bb82cbac4c90fcf5ba695ddb
SSDEEP

1536:WCQooi/wwHvhQ/XbKd7dKxxCqHNX/IcEMqHo:WCQooRwHvefbK2u4NX/IcAHo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.75cfb2926a33146e2cb9ee5ea69599c0.exe

Files

NEAS.75cfb2926a33146e2cb9ee5ea69599c0.exe
.dll windows:6 windows x86

dc6419bf9dd0d7aa90c7f2d15c97ac14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gstbase-1.0-0

gst_push_src_get_type
gst_base_sink_get_type

gstreamer-1.0-0

gst_buffer_new_allocate
gst_structure_free
gst_structure_copy
_gst_caps_type
gst_value_set_caps
gst_element_get_type
gst_resource_error_quark
gst_element_message_full
_gst_element_error_printf
gst_pad_mark_reconfigure
gst_event_has_name
gst_event_get_structure
gst_buffer_resize
gst_caps_intersect_full
gst_caps_new_any
gst_structure_get
gst_mini_object_copy
_gst_structure_type
gst_element_register
gst_pad_push_event
gst_event_new_custom
gst_query_add_allocation_meta
gst_buffer_iterate_meta
gst_buffer_find_memory
gst_buffer_peek_memory
gst_buffer_new_wrapped
gst_structure_new
gst_plugin_register_static
gst_memory_map
gst_object_unref
gst_object_ref
_gst_value_array_type
_gst_debug_min
_gst_buffer_type
gst_type_mark_as_plugin_api
gst_value_compare
gst_value_array_get_value
gst_value_array_get_size
_gst_debug_register_funcptr
_gst_debug_category_new
gst_debug_log
gst_element_class_set_static_metadata
gst_element_class_add_static_pad_template
gst_pad_get_current_caps
gst_buffer_unmap
gst_buffer_map
gst_buffer_get_size
gst_caps_is_equal
gst_caps_get_structure
gst_structure_has_field
gst_structure_get_value
gst_structure_set
gst_structure_new_empty
gst_mini_object_replace
gst_mini_object_unref
gst_mini_object_ref
gst_format_get_type
gst_memory_unmap
gst_value_get_caps

gobject-2.0-0

g_object_notify
g_value_dup_string
g_value_get_string
g_value_set_string
g_value_get_uint
g_param_spec_string
g_value_take_boxed
g_param_spec_object
g_param_spec_boxed
g_value_dup_object
g_value_set_object
g_object_unref
g_object_ref
g_signal_emit
g_type_check_instance_is_a
g_value_get_uint64
g_value_set_uint64
g_value_get_int64
g_value_set_int64
g_value_set_uint
g_value_get_int
g_type_class_peek_parent
g_value_get_boolean
g_value_set_boolean
g_param_spec_enum
g_param_spec_uint64
g_param_spec_int64
g_param_spec_uint
g_param_spec_int
g_param_spec_boolean
g_enum_register_static
g_value_get_enum
g_value_set_enum
g_object_class_install_property
g_value_get_boxed
g_value_set_int
g_type_register_static_simple
g_type_class_adjust_private_offset
g_type_name
g_signal_new
g_value_peek_pointer

glib-2.0-0

g_atomic_int_set
g_atomic_int_get
g_list_append
g_dgettext
g_strdup
g_list_free_full
g_mutex_unlock
g_mutex_lock
g_timeout_source_new
g_source_set_callback
g_source_destroy
g_source_attach
g_source_unref
g_main_context_wakeup
g_main_context_iteration
g_main_context_unref
g_main_context_new
g_slist_remove
g_direct_hash
g_int_equal
g_hash_table_foreach_remove
g_hash_table_new
g_malloc0_n
g_malloc
g_snprintf
g_clear_error
g_error_matches
g_assertion_message_expr
g_return_if_fail_warning
g_log
g_get_real_time
g_get_monotonic_time
g_slist_foreach
g_slist_append
g_slist_free
g_hash_table_size
g_array_new
g_array_free
g_array_prepend_vals
g_array_remove_index
g_intern_static_string
g_thread_new
g_thread_self
g_thread_join
g_rec_mutex_init
g_rec_mutex_clear
g_rec_mutex_lock
g_rec_mutex_unlock
g_once_init_enter
g_once_init_leave
g_free
g_list_prepend
g_list_remove
g_hash_table_destroy
g_hash_table_insert
g_hash_table_remove
g_hash_table_lookup

gstnet-1.0-0

gst_buffer_add_net_control_message_meta
gst_net_control_message_meta_api_get_type

gio-2.0-0

g_cancellable_new
g_socket_get_remote_address
g_inet_socket_address_get_address
g_socket_listen
g_socket_accept
g_socket_bind
g_socket_set_listen_backlog
g_socket_get_local_address
g_inet_socket_address_get_port
g_socket_new
g_resolver_lookup_by_name
g_resolver_get_default
g_inet_socket_address_new
g_socket_address_get_family
g_inet_address_to_string
g_inet_address_new_from_string
g_socket_send
g_socket_close
g_socket_condition_wait
g_socket_condition_check
g_socket_connect
g_socket_set_timeout
g_socket_send_with_blocking
g_socket_receive_message
g_cancellable_reset
g_socket_create_source
g_socket_send_message
g_socket_receive
g_socket_get_available_bytes
g_socket_set_blocking
g_socket_get_fd
g_socket_get_type
g_io_error_quark
g_cancellable_cancel

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_execute_onexit_table
_cexit

kernel32

GetCurrentThreadId
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter

Exports

Exports

gst_plugin_tcp_get_desc
gst_plugin_tcp_register

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc6419bf9dd0d7aa90c7f2d15c97ac14

Headers

DLL Characteristics

File Characteristics

Imports

gstbase-1.0-0

gstreamer-1.0-0

gobject-2.0-0

glib-2.0-0

gstnet-1.0-0

gio-2.0-0

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB