NEAS[.]18889281cc7a218a31296f72ee452ed0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.18889281cc7a218a31296f72ee452ed0.exe
Size

16KB
MD5

18889281cc7a218a31296f72ee452ed0
SHA1

6d8b94a36a46f8391f0b2caabb422bbe3558cf6d
SHA256

ec79329093acab76065668b78927dff48424e2257c9cde1ea28c0d61d80268d4
SHA512

93977087f1d7796d9a3a5a301305a639c8a4380018e1e449798dd58cd033fe8b810040c99e3d36b9abca5b5a3f4cc0e6b1844c226ac5fe7fd89f94442444fd42
SSDEEP

384:Yt5dHZLjG2Xrqrpip4J20jOG1OLViGXtX7cbRImK4270B5:qvLjXrq9o4Yq1eRXtXuW0B5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.18889281cc7a218a31296f72ee452ed0.exe

Files

NEAS.18889281cc7a218a31296f72ee452ed0.exe
.dll windows:6 windows x86

302ea27239d5cd1c661ed4b4360e8e34

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gstreamer-1.0-0

gst_element_remove_pad
gst_element_add_pad
gst_element_get_type
gst_element_class_set_static_metadata
gst_element_class_get_pad_template
gst_element_class_add_static_pad_template
_gst_element_error_printf
gst_element_message_full
gst_stream_error_quark
gst_debug_log
_gst_debug_category_new
_gst_debug_register_funcptr
gst_pad_use_fixed_caps
gst_mini_object_unref
gst_element_no_more_pads
_gst_debug_min
gst_mini_object_make_writable
gst_mini_object_ref
gst_element_register
gst_plugin_register_static
gst_pad_send_event
gst_pad_event_default
gst_pad_push_event
gst_pad_push
gst_pad_set_event_function_full
gst_pad_set_chain_function_full
gst_pad_sticky_events_foreach
gst_pad_set_active
gst_pad_new_from_template
gst_pad_get_type
gst_event_parse_tag
gst_event_new_tag
gst_event_parse_caps
gst_event_new_caps
gst_tag_list_add
gst_tag_list_insert
gst_tag_list_new_empty
gst_buffer_append
gst_buffer_copy_region
gst_buffer_get_size
gst_buffer_extract
gst_caps_is_equal
gst_caps_is_fixed
gst_caps_get_structure
gst_caps_new_empty_simple
gst_structure_get_string
gst_structure_get_int
gst_mini_object_replace
gst_mini_object_copy

gobject-2.0-0

g_type_class_ref
g_type_class_peek_parent
g_type_register_static_simple
g_type_class_adjust_private_offset
g_type_check_instance_is_a
g_object_unref

glib-2.0-0

g_return_if_fail_warning
g_strfreev
g_strsplit
g_strndup
g_strdup
g_ascii_strncasecmp
g_ascii_strcasecmp
g_list_foreach
g_list_append
g_list_free
g_free
g_once_init_leave
g_once_init_enter
g_intern_static_string

gstbase-1.0-0

gst_adapter_flush
gst_adapter_unmap
gst_adapter_map
gst_adapter_push
gst_adapter_clear
gst_adapter_new
gst_type_find_helper_for_buffer
gst_adapter_available

gsttag-1.0-0

gst_tag_freeform_string_to_utf8

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_execute_onexit_table
_cexit

kernel32

GetCurrentThreadId
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter

Exports

Exports

gst_plugin_icydemux_get_desc
gst_plugin_icydemux_register

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

302ea27239d5cd1c661ed4b4360e8e34

Headers

DLL Characteristics

File Characteristics

Imports

gstreamer-1.0-0

gobject-2.0-0

glib-2.0-0

gstbase-1.0-0

gsttag-1.0-0

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1004B

.reloc Size: 1024B - Virtual size: 840B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1004B

.reloc
Size: 1024B - Virtual size: 840B