NEAS[.]eb17044d1a5ba9c6d0d07a2e134298e0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.eb17044d1a5ba9c6d0d07a2e134298e0.exe
Size

52KB
MD5

eb17044d1a5ba9c6d0d07a2e134298e0
SHA1

5f5fb5a42a7526d259ca36515bf089e6a7ab8147
SHA256

8fe61638ce5b6c4f68a9b77ca11eb53845189b4a5fe3f74278f4ff6127164344
SHA512

801f4d5ff1c6fc4d68f9e3c8adf8cc7bfada355dd729455340e60e3a7d1ad07e98c179a28abccd39fc7ed2edd53b6ca191264c625f70385b567ba402656cc057
SSDEEP

768:ZfoGWVi2GZhCZkGNF8JlLyf5IAjcVoYCFWdX3jFGZTZI44DdIrv8s:wGZbGilq5IwaoLWdX3jFsMDdILl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.eb17044d1a5ba9c6d0d07a2e134298e0.exe

Files

NEAS.eb17044d1a5ba9c6d0d07a2e134298e0.exe
.dll windows:6 windows x86

88300f38767b593c87af41a96c4015df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gstbase-1.0-0

gst_adapter_take_buffer
gst_adapter_flush
gst_type_find_helper_for_buffer_with_caps
gst_adapter_map
gst_adapter_push
gst_adapter_clear
gst_adapter_unmap
gst_adapter_available
gst_adapter_new

gstreamer-1.0-0

gst_event_parse_seek
gst_event_parse_toc_select
gst_event_new_segment_done
gst_pad_template_new
gst_flow_get_name
gst_pad_get_type
gst_pad_new_from_template
gst_pad_new_from_static_template
gst_pad_activate_mode
gst_pad_get_sticky_event
gst_pad_set_activate_function_full
gst_pad_set_activatemode_function_full
gst_pad_set_chain_function_full
gst_pad_set_event_function_full
gst_pad_is_linked
gst_pad_get_pad_template_caps
gst_pad_push
gst_pad_pull_range
gst_pad_push_event
gst_pad_event_default
gst_pad_send_event
gst_pad_start_task
gst_pad_pause_task
gst_pad_stop_task
gst_pad_peer_query
gst_pad_set_query_function_full
gst_pad_query_default
gst_event_new_tag
gst_element_register
gst_make_element_message_details
gst_element_class_add_pad_template
gst_element_class_add_static_pad_template
gst_element_class_get_pad_template
gst_element_class_set_static_metadata
gst_element_get_type
gst_element_add_pad
gst_element_post_message
_gst_element_error_printf
gst_element_message_full
gst_element_message_full_with_details
gst_stream_error_quark
gst_debug_log
gst_event_new_seek
_gst_debug_dump_mem
_gst_debug_register_funcptr
gst_util_uint64_scale
gst_util_uint64_scale_round
gst_util_uint64_scale_ceil
gst_util_uint64_scale_int
gst_util_uint64_scale_int_ceil
gst_util_group_id_next
gst_pad_use_fixed_caps
gst_pad_query_convert
gst_pad_peer_query_duration
gst_pad_create_stream_id
_gst_debug_min
gst_event_new_toc
gst_event_copy_segment
gst_event_new_segment
gst_event_new_caps
gst_event_new_eos
gst_event_new_flush_stop
gst_event_new_flush_start
gst_event_set_group_id
gst_event_new_stream_start
gst_event_set_seqnum
gst_event_get_seqnum
gst_event_type_get_name
gst_message_new_segment_done
gst_message_new_segment_start
gst_query_has_scheduling_mode_with_flags
gst_query_new_scheduling
gst_query_parse_seeking
gst_query_set_seeking
gst_query_new_seeking
gst_query_set_segment
gst_query_parse_convert
gst_query_set_convert
gst_query_parse_duration
gst_query_set_duration
gst_query_parse_position
gst_query_set_position
gst_query_type_get_name
gst_toc_entry_get_start_stop_times
gst_toc_entry_set_start_stop_times
gst_toc_entry_get_tags
_gst_debug_category_new
gst_event_parse_tag
gst_mini_object_ref
gst_mini_object_unref
gst_mini_object_make_writable
gst_mini_object_copy
gst_mini_object_replace
gst_structure_has_name
gst_structure_remove_field
gst_structure_has_field
gst_toc_entry_set_tags
gst_toc_entry_append_sub_entry
gst_toc_find_entry
gst_toc_entry_new
gst_toc_append_entry
gst_toc_new
gst_tag_list_remove_tag
gst_tag_list_add
gst_tag_list_merge
gst_tag_list_get_scope
gst_tag_list_new_empty
gst_segment_do_seek
gst_segment_to_running_time
gst_segment_to_stream_time
gst_segment_init
gst_segment_copy_into
gst_format_get_name
gst_buffer_unmap
gst_buffer_map
gst_buffer_resize
gst_buffer_get_size
gst_buffer_extract
gst_buffer_new
gst_caps_from_string
gst_caps_is_fixed
gst_caps_get_structure
gst_plugin_register_static

gobject-2.0-0

g_type_class_peek_parent
g_type_register_static_simple
g_type_class_adjust_private_offset
g_type_check_instance_is_a
g_object_class_install_property
g_object_unref
g_param_spec_boolean
g_value_set_boolean
g_value_get_boolean
g_type_name

glib-2.0-0

g_intern_static_string
g_mutex_lock
g_mutex_unlock
g_rec_mutex_lock
g_rec_mutex_unlock
g_once_init_enter
g_once_init_leave
g_free
g_malloc0_n
g_ascii_table
g_assertion_message_expr
g_return_if_fail_warning
g_log
g_strndup
g_strdup_printf
g_list_append
g_list_free_full

gstpbutils-1.0-0

gst_pb_utils_add_codec_description_to_tag_list

gstriff-1.0-0

gst_riff_init
gst_riff_create_audio_template_caps
gst_riff_parse_strf_auds
gst_riff_parse_file_header
gst_riff_read_chunk
gst_riff_parse_info
gst_riff_create_audio_caps

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll

kernel32

IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Exports

Exports

gst_plugin_wavparse_get_desc
gst_plugin_wavparse_register

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88300f38767b593c87af41a96c4015df

Headers

DLL Characteristics

File Characteristics

Imports

gstbase-1.0-0

gstreamer-1.0-0

gobject-2.0-0

glib-2.0-0

gstpbutils-1.0-0

gstriff-1.0-0

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 976B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 976B

.reloc
Size: 3KB - Virtual size: 2KB