NEAS[.]d9c84dae88019f4911e03df9ffed3630_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.d9c84dae88019f4911e03df9ffed3630_JC.exe
Size

38KB
MD5

d9c84dae88019f4911e03df9ffed3630
SHA1

ba30b42271560ba199d9e38ce86d77d5b44bf1b8
SHA256

73569bdda7a111b9c4b1fb445e1de5a58fab3a9b7cd45c0bc48391dda1d59a0b
SHA512

95707e61e9d8368fd1abce3cc49c0cd22ec994dc583db970521535ca806013f13476b4e1bc735185c6e2bf4a6de82f2afd587fbc4e31979d7e6928a49cbf51dd
SSDEEP

768:AmUwtk5CRdWQ37xGzZF3cu0OUb6g0wzvjn0RNvS:AmUDC3WIxy73cu0OFgZvjnaNvS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.d9c84dae88019f4911e03df9ffed3630_JC.exe

Files

NEAS.d9c84dae88019f4911e03df9ffed3630_JC.exe
.dll windows:6 windows x86

e3525a24ad1d46ad6f0afb75de7a5106

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gstbase-1.0-0

gst_base_sink_set_sync
gst_base_src_get_type
gst_base_src_set_dynamic_size
gst_base_src_set_automatic_eos
gst_base_sink_get_type

gstreamer-1.0-0

gst_element_register
gst_message_new_element
gst_structure_new
gst_buffer_copy_region
gst_buffer_copy_into
gst_buffer_append_memory
gst_buffer_new
gst_allocator_alloc
gst_memory_unmap
gst_memory_map
gst_type_mark_as_plugin_api
_gst_debug_register_funcptr
gst_element_class_add_static_pad_template
gst_uri_handler_get_uri
gst_event_parse_segment
gst_query_set_uri
gst_query_set_formats
gst_query_parse_seeking
gst_element_post_message
gst_query_parse_position
gst_query_set_position
gst_format_get_name
gst_buffer_unmap
gst_buffer_map
gst_mini_object_unref
_gst_debug_min
_gst_debug_category_new
gst_debug_log
gst_library_error_quark
gst_resource_error_quark
gst_element_message_full
_gst_element_error_printf
gst_element_get_type
gst_uri_handler_get_type
gst_uri_error_quark
gst_plugin_add_dependency_simple
gst_plugin_register_static
gst_element_class_set_static_metadata
gst_object_unref
gst_query_set_scheduling
gst_query_add_scheduling_mode
gst_query_set_seeking

glib-2.0-0

g_thread_yield
g_main_context_new
g_main_context_unref
g_main_context_push_thread_default
g_main_context_pop_thread_default
g_main_loop_new
g_main_loop_run
g_main_loop_quit
g_main_loop_unref
g_main_loop_is_running
g_log
g_error_matches
g_set_error
g_clear_error
g_once_impl
g_once_init_enter
g_once_init_leave
g_malloc0_n
g_return_if_fail_warning
g_strv_length
g_intern_static_string
g_free
g_mutex_lock
g_mutex_unlock
g_strdup

gobject-2.0-0

g_value_set_string
g_value_get_string
g_signal_new
g_signal_emit
g_signal_connect_data
g_signal_handlers_disconnect_matched
g_param_spec_boolean
g_value_set_boolean
g_value_get_boolean
g_object_ref
g_value_dup_object
g_value_set_object
g_object_class_install_property
g_type_name
g_object_unref
g_type_class_adjust_private_offset
g_type_register_static_simple
g_type_class_peek_parent
g_object_get
g_object_set
g_type_check_instance_is_a
g_type_add_interface_static
g_type_is_a
g_param_spec_string
g_param_spec_object

gio-2.0-0

g_seekable_can_seek
g_file_monitor
g_file_query_exists
g_file_read
g_file_get_uri_scheme
g_file_create
g_file_get_uri
g_file_new_for_uri
g_file_get_type
g_seekable_tell
g_file_input_stream_query_info
g_file_input_stream_get_type
g_file_info_get_size
g_input_stream_is_closed
g_input_stream_close
g_seekable_get_type
g_cancellable_cancel
g_cancellable_new
g_output_stream_is_closed
g_output_stream_close
g_output_stream_flush
g_output_stream_write_all
g_output_stream_get_type
g_input_stream_get_type
g_vfs_get_default
g_vfs_get_supported_uri_schemes
g_seekable_seek
g_io_error_quark
g_input_stream_read

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_execute_onexit_table
_cexit

kernel32

UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
QueryPerformanceCounter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId

Exports

Exports

gst_plugin_gio_get_desc
gst_plugin_gio_register

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3525a24ad1d46ad6f0afb75de7a5106

Headers

DLL Characteristics

File Characteristics

Imports

gstbase-1.0-0

gstreamer-1.0-0

glib-2.0-0

gobject-2.0-0

gio-2.0-0

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB