gst_plugin_playback_get_desc
gst_plugin_playback_register
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
NEAS.9bccb5561c4d4b063bd89ae07e3440d0.dll
Resource
win7-20231020-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
NEAS.9bccb5561c4d4b063bd89ae07e3440d0.dll
Resource
win10v2004-20231020-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
NEAS.9bccb5561c4d4b063bd89ae07e3440d0.exe
-
Size
461KB
-
MD5
9bccb5561c4d4b063bd89ae07e3440d0
-
SHA1
6bedf33bd21babbd12fe5ea8c457f877261f4df6
-
SHA256
ea5673b7be2cfd3c548398525211f3af5fc84fdd4ee128f4015c65b40cdb578b
-
SHA512
67c6d6c654e807c191bf678823df955575580affd3779b3b1e6c059bb5ea10287382b29c14a4f7e64a66574644baec9e1ccc1ea183f17f78b35ee9137c60170c
-
SSDEEP
6144:XRYlAqUAj94SZ00g9rHbdEjnHPsQRqlunZgT9m71pJkAlasZ:XRYlAqUAx4S697RETvsfAZgU2At
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.9bccb5561c4d4b063bd89ae07e3440d0.exe
Files
-
NEAS.9bccb5561c4d4b063bd89ae07e3440d0.exe.dll windows:6 windows x86
4408956e0adf6c429a06bd5e9db2853b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
gstaudio-1.0-0
gst_stream_volume_get_type
gstvideo-1.0-0
gst_video_decoder_get_type
gst_video_decoder_get_latency
gst_video_info_from_caps
gst_is_video_overlay_prepare_window_handle_message
gst_video_overlay_prepare_window_handle
gst_color_balance_channel_get_type
gst_video_convert_sample
gst_video_overlay_set_window_handle
gst_video_overlay_handle_events
gst_video_overlay_expose
gst_video_overlay_set_render_rectangle
gst_video_overlay_get_type
gst_navigation_send_event_simple
gst_navigation_get_type
gst_color_balance_value_changed
gst_color_balance_get_balance_type
gst_color_balance_get_value
gst_color_balance_set_value
gst_color_balance_list_channels
gst_color_balance_get_type
gst_video_multiview_mode_from_caps_string
gst_video_multiview_mode_to_caps_string
gst_video_multiview_flagset_get_type
gst_video_multiview_flags_get_type
gst_video_multiview_frame_packing_get_type
gstpbutils-1.0-0
gst_missing_decoder_message_new
gst_missing_element_message_new
gst_pb_utils_get_codec_description
gst_pb_utils_get_caps_description_flags
gst_pb_utils_init
gst_missing_uri_source_message_new
gstreamer-1.0-0
gst_query_parse_latency
gst_query_set_seeking
gst_query_parse_scheduling
gst_message_get_structure
gst_message_has_name
gst_event_parse_tag
gst_pad_link
gst_uri_is_valid
gst_uri_get_protocol
gst_element_make_from_uri
gst_element_query
gst_bin_set_suppressed_flags
gst_resource_error_quark
gst_value_list_append_and_take_value
gst_value_list_get_size
gst_value_list_get_value
gst_util_uint64_scale
gst_element_link_pads
gst_element_query_duration
gst_object_get_name
gst_message_streams_selected_get_size
gst_event_new_flush_start
gst_event_new_flush_stop
gst_pad_link_get_name
gst_pad_is_linked
gst_element_foreach_src_pad
gst_ghost_pad_new
GST_CAT_DEFAULT
gst_object_has_as_parent
gst_structure_new
gst_iterator_foreach
gst_query_new_duration
gst_query_new_buffering
gst_event_writable_structure
gst_pad_get_single_internal_link
gst_tag_list_get_scope
gst_stream_new
gst_stream_set_stream_type
gst_stream_set_tags
gst_event_parse_stream_start
gst_event_set_stream
gst_event_parse_stream_flags
gst_event_new_stream_collection
gst_plugin_register_static
gst_structure_can_intersect
gst_caps_features_is_equal
gst_caps_features_is_any
gst_caps_get_features
_gst_caps_features_memory_system_memory
gst_structure_get_string
gst_structure_get_flagset
gst_caps_features_copy
gst_caps_append_structure
gst_caps_append_structure_full
gst_context_get_context_type
gst_context_is_persistent
gst_message_parse_error_details
gst_caps_get_size
gst_message_parse_context_type
gst_message_parse_have_context
gst_event_new_custom
gst_event_new_caps
gst_event_new_seek
gst_pad_get_pad_template_caps
gst_bus_new
gst_bus_set_sync_handler
gst_plugin_feature_get_rank
gst_plugin_feature_list_debug
gst_uri_join_strings
gst_element_set_bus
gst_element_set_context
gst_element_change_state
gst_pipeline_get_type
gst_element_factory_can_src_any_caps
_gst_sample_type
_gst_tag_list_type
gst_message_streams_selected_get_stream
gst_event_new_select_streams
gst_structure_id_has_field
gst_iterator_find_custom
gst_message_parse_step_done
gst_event_new_step
gst_event_parse_step
gst_pad_set_chain_function_full
gst_element_get_bus
gst_bin_new
gst_bin_get_by_interface
gst_bin_iterate_recurse
gst_bin_iterate_all_by_interface
gst_proxy_pad_chain_default
gst_element_link_pads_full
gst_structure_get_fraction
gst_event_has_name
gst_flow_get_name
gst_pad_set_unlink_function_full
gst_pad_set_offset
gst_registry_feature_filter
gst_util_set_object_arg
_gst_fraction_type
gst_caps_new_full
gst_caps_append
gst_caps_merge_structure_full
gst_pad_is_blocked
gst_pad_peer_query_accept_caps
gst_buffer_get_size
gst_iterator_new_single
gst_format_get_name
gst_segment_copy_into
gst_segment_init
gst_segment_to_running_time
gst_event_get_running_time_offset
gst_event_set_running_time_offset
gst_event_parse_flush_stop
gst_event_new_gap
gst_event_new_segment
gst_event_copy_segment
gst_pad_template_get_type
gst_pad_push
gst_pad_set_iterate_internal_links_function_full
gst_query_parse_duration
gst_caps_new_empty_simple
gst_structure_get_int
gst_structure_get_value
gst_structure_take_value
gst_structure_copy
gst_structure_new_empty
_gst_event_type
_gst_caps_any
gst_pad_get_stream
gst_util_group_id_next
gst_ghost_pad_new_no_target_from_template
gst_ghost_pad_new_no_target
gst_element_call_async
gst_element_sync_state_with_parent
gst_element_class_add_pad_template
gst_plugin_feature_rank_compare_func
gst_pad_unlink
gst_pad_set_link_function_full
gst_event_parse_segment
gst_event_parse_caps
gst_event_new_eos
gst_event_parse_select_streams
gst_event_parse_stream_collection
gst_event_set_group_id
gst_event_parse_stream
gst_event_set_seqnum
gst_event_get_seqnum
gst_event_get_structure
gst_message_streams_selected_add
gst_message_new_streams_selected
gst_message_parse_stream_collection
gst_message_new_stream_collection
gst_message_set_seqnum
gst_query_set_duration
gst_stream_collection_add_stream
gst_stream_collection_get_stream
gst_stream_collection_get_size
gst_stream_collection_get_upstream_id
gst_stream_collection_new
gst_stream_collection_get_type
gst_stream_type_get_name
gst_stream_get_caps
gst_stream_set_caps
gst_stream_get_tags
gst_stream_get_stream_type
gst_stream_get_stream_flags
gst_stream_get_stream_id
gst_stream_get_type
gst_query_parse_selectable
gst_query_new_selectable
gst_query_parse_caps_result
gst_query_set_caps_result
gst_query_parse_caps
gst_query_new_caps
gst_query_set_accept_caps_result
gst_query_parse_accept_caps
gst_query_has_scheduling_mode_with_flags
gst_query_new_scheduling
gst_caps_can_intersect
gst_caps_new_any
gst_structure_has_field
gst_structure_set
gst_mini_object_get_qdata
gst_mini_object_set_qdata
gst_mini_object_copy
gst_mini_object_make_writable
_gst_value_list_type
_gst_debug_min
_gst_query_type
_gst_caps_type
_gst_structure_type
gst_type_mark_as_plugin_api
gst_pad_get_stream_id
gst_pad_peer_query_duration
gst_pad_query_accept_caps
gst_pad_query_caps
gst_pad_get_parent_element
gst_registry_get_feature_list_cookie
gst_registry_get
gst_value_set_structure
gst_value_list_append_value
_gst_debug_register_funcptr
_gst_debug_category_new
gst_debug_log
gst_ghost_pad_set_target
gst_ghost_pad_get_target
gst_ghost_pad_new_from_template
gst_ghost_pad_get_type
gst_proxy_pad_get_internal
gst_core_error_quark
gst_stream_error_quark
gst_error_get_message
gst_bin_remove
gst_bin_add
gst_bin_get_type
gst_element_get_factory
gst_element_set_state
gst_element_set_locked_state
gst_element_message_full
_gst_element_error_printf
gst_element_post_message
gst_element_send_event
gst_element_iterate_sink_pads
gst_element_iterate_src_pads
gst_element_release_request_pad
gst_element_request_pad_simple
gst_element_get_static_pad
gst_element_no_more_pads
gst_element_remove_pad
gst_element_add_pad
gst_element_get_type
gst_element_class_set_static_metadata
gst_element_class_get_pad_template_list
gst_element_class_add_static_pad_template
gst_element_factory_list_filter
gst_element_factory_list_get_elements
gst_element_factory_list_is_type
gst_element_register
gst_element_factory_make
gst_element_factory_create
gst_element_factory_get_static_pad_templates
gst_element_factory_get_metadata
gst_element_factory_get_type
gst_plugin_feature_list_free
gst_pad_query_default
gst_pad_set_query_function_full
gst_pad_peer_query
gst_pad_query
gst_pad_iterate_internal_links
gst_pad_send_event
gst_pad_event_default
gst_pad_push_event
gst_pad_has_current_caps
gst_pad_get_current_caps
gst_pad_get_peer
gst_pad_link_full
gst_pad_set_event_function_full
gst_pad_sticky_events_foreach
gst_pad_get_sticky_event
gst_pad_store_sticky_event
gst_pad_remove_probe
gst_pad_add_probe
gst_pad_is_active
gst_pad_set_active
gst_pad_get_type
gst_static_pad_template_get_caps
gst_static_pad_template_get
gst_event_new_stream_group_done
gst_event_parse_group_id
gst_event_type_get_name
gst_message_new_async_done
gst_message_new_async_start
gst_message_new_element
gst_message_parse_buffering
gst_message_new_buffering
gst_message_parse_error
gst_query_parse_seeking
gst_query_new_seeking
gst_query_type_get_name
gst_iterator_free
gst_iterator_resync
gst_iterator_next
gst_caps_to_string
gst_caps_intersect_full
gst_caps_is_subset
gst_caps_is_fixed
gst_caps_is_empty
gst_caps_is_any
gst_caps_get_structure
gst_caps_merge
gst_static_caps_get
gst_caps_new_empty
gst_structure_id_set
gst_structure_id_set_value
gst_structure_has_name
gst_structure_get_name
gst_structure_free
gst_structure_new_id_empty
gst_mini_object_replace
gst_mini_object_unref
gst_mini_object_ref
gst_object_replace
gst_object_ref_sink
gst_object_unref
gst_object_ref
gst_object_has_as_ancestor
gst_query_parse_position
gst_query_set_position
gst_tag_list_get_uint_index
gst_object_get_parent
gst_object_set_name
gst_query_set_latency
gst_iterator_fold
gst_message_type_get_name
gst_caps_intersect
gst_message_new_warning
gobject-2.0-0
g_type_class_ref
g_weak_ref_init
g_flags_register_static
g_enum_register_static
g_signal_handler_unblock
g_signal_handler_block
g_type_is_a
g_object_get_property
g_object_set_property
g_param_spec_flags
g_param_spec_enum
g_value_get_flags
g_value_set_flags
g_value_take_object
g_type_add_interface_static
g_value_get_double
g_value_set_double
g_param_spec_double
g_value_dup_string
g_value_set_string
g_value_get_int64
g_value_set_int64
g_param_spec_object
g_param_spec_int64
g_object_set_data_full
g_object_unref
g_object_ref_sink
g_object_notify
g_object_set_data
g_object_get_data
g_value_dup_boxed
g_type_check_instance_is_a
g_param_spec_types
g_value_take_string
g_value_get_string
g_value_get_uint64
g_value_set_uint64
g_value_get_uint
g_value_set_uint
g_value_get_int
g_value_set_int
g_value_get_boolean
g_value_set_boolean
g_value_array_remove
g_value_array_append
g_value_array_free
g_value_array_new
g_value_array_get_nth
g_value_array_get_type
g_param_spec_boxed
g_param_spec_string
g_param_spec_uint64
g_param_spec_uint
g_param_spec_int
g_param_spec_boolean
g_value_get_enum
g_value_set_enum
g_weak_ref_set
g_weak_ref_get
g_weak_ref_clear
g_value_dup_object
g_value_get_object
g_value_set_object
g_object_get
g_object_set
g_object_new
g_object_class_find_property
g_object_class_install_property
g_value_get_boxed
g_value_take_boxed
g_value_set_boxed
g_signal_handler_disconnect
g_signal_connect_data
g_signal_emit
g_signal_new
g_value_unset
g_value_reset
g_value_init
g_type_check_value
g_type_class_adjust_private_offset
g_type_register_static_simple
g_type_class_peek_parent
g_type_name
glib-2.0-0
g_atomic_int_inc
g_cond_clear
g_atomic_int_add
g_list_first
g_ptr_array_new_with_free_func
g_ascii_table
g_slice_alloc
g_sequence_iter_prev
g_sequence_iter_next
g_sequence_iter_is_end
g_sequence_iter_is_begin
g_sequence_get
g_sequence_lookup
g_sequence_append
g_sequence_sort
g_sequence_free
g_sequence_new
g_slist_find
g_slist_remove
g_slist_append
g_list_reverse
g_rec_mutex_clear
g_rec_mutex_init
g_error_free
g_ptr_array_add
g_ptr_array_remove
g_ptr_array_set_size
g_ptr_array_free
g_ptr_array_new
g_getenv
g_cond_broadcast
g_cond_wait
g_cond_init
g_atomic_int_set
g_atomic_int_get
g_ascii_strncasecmp
g_str_has_prefix
g_slist_foreach
g_slist_delete_link
g_slist_prepend
g_slist_free
g_hash_table_iter_next
g_hash_table_iter_init
g_hash_table_size
g_hash_table_lookup
g_hash_table_insert
g_hash_table_destroy
g_hash_table_new_full
g_build_filename
g_get_user_cache_dir
g_get_prgname
g_error_matches
g_strcmp0
g_list_copy_deep
g_list_copy
g_assertion_message_expr
g_slice_free1
g_slice_alloc0
g_queue_pop_tail
g_queue_push_head
g_queue_clear
g_return_if_fail_warning
g_log
g_string_append_printf
g_string_insert_c
g_string_append
g_string_free
g_string_new
g_strdup_printf
g_strdup
g_strrstr
g_list_sort
g_list_foreach
g_list_length
g_list_last
g_list_find
g_list_delete_link
g_list_remove
g_list_concat
g_list_prepend
g_list_append
g_list_free_full
g_list_free
g_malloc0_n
g_free
g_dgettext
g_once_init_leave
g_once_init_enter
g_rec_mutex_unlock
g_rec_mutex_lock
g_mutex_unlock
g_mutex_lock
g_mutex_clear
g_mutex_init
g_thread_join
g_thread_self
g_thread_try_new
g_clear_error
g_intern_static_string
g_quark_from_static_string
g_atomic_int_dec_and_test
intl-8
g_libintl_bind_textdomain_codeset
g_libintl_bindtextdomain
vcruntime140
memset
__std_type_info_destroy_list
strstr
_except_handler4_common
api-ms-win-crt-runtime-l1-1-0
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initialize_onexit_table
_execute_onexit_table
_initterm
_cexit
kernel32
GetCurrentThreadId
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
Exports
Exports
Sections
.text Size: 330KB - Virtual size: 329KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ