NEAS[.]089ab43bdbb8661ba35614192d3748c0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.089ab43bdbb8661ba35614192d3748c0.exe
Size

32KB
MD5

089ab43bdbb8661ba35614192d3748c0
SHA1

2f21ab2b065db17f2e7831a7071acb4444b595dc
SHA256

e3bba78c6b2d4aaf565df8b81d01a56f5bfb760c6d7c1e28feab5aa8681f23a2
SHA512

c3a5696766211bf9e999c2df583c073799343603800950d672ba977b71a8d81e1c696e4a761d9a92505ad325b35062370e22bc2eb11e8a36282b1c1911c86a19
SSDEEP

384:yOAq8NPmj4kQNqoV4+PCyP4EYQTGfuTE6bARzR6sWgCxGrCU5xT:l8RJ5C64EYQTGCCJWgrnrT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.089ab43bdbb8661ba35614192d3748c0.exe

Files

NEAS.089ab43bdbb8661ba35614192d3748c0.exe
.dll windows:4 windows x86 arch:x86

40a088216bc2eb127a4ce11b0f28e281

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libgmp-10

__gmpn_popcount
__gmpz_add
__gmpz_addmul
__gmpz_and
__gmpz_bin_ui
__gmpz_clear
__gmpz_clrbit
__gmpz_cmp
__gmpz_cmpabs
__gmpz_com
__gmpz_combit
__gmpz_export
__gmpz_fac_ui
__gmpz_fdiv_q
__gmpz_fib_ui
__gmpz_gcd
__gmpz_gcdext
__gmpz_get_d
__gmpz_get_str
__gmpz_hamdist
__gmpz_import
__gmpz_init
__gmpz_invert
__gmpz_ior
__gmpz_jacobi
__gmpz_lcm
__gmpz_lucnum_ui
__gmpz_mod
__gmpz_mul
__gmpz_mul_2exp
__gmpz_nextprime
__gmpz_powm
__gmpz_primorial_ui
__gmpz_probab_prime_p
__gmpz_remove
__gmpz_root
__gmpz_scan0
__gmpz_scan1
__gmpz_set
__gmpz_set_si
__gmpz_set_str
__gmpz_set_ui
__gmpz_setbit
__gmpz_sizeinbase
__gmpz_sub
__gmpz_submul
__gmpz_swap
__gmpz_tdiv_q
__gmpz_tdiv_qr
__gmpz_tdiv_r
__gmpz_tstbit
__gmpz_xor

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

libmingwex-4

__mingw_free

msvcrt

__dllonexit
_errno
_iob
abort
calloc
fflush
fwrite
malloc
vfprintf

agena

agnL_optnonnegint
agnL_optposint
agn_checklstring
agn_checknonnegint
agn_checknumber
agn_checkposint
agn_getutype
agn_rawsetfield
agn_tostring
luaL_checkudata
luaL_checkuint32_t
luaL_error
luaL_newmetatable
luaL_register
lua_concat
lua_createtable
lua_newuserdata
lua_pushboolean
lua_pushfstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushundefined
lua_setmetatabletoobject
lua_settop
lua_type
lua_typename

Exports

Exports

luaopen_mp

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 100B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40a088216bc2eb127a4ce11b0f28e281

Headers

File Characteristics

Imports

libgmp-10

kernel32

libmingwex-4

msvcrt

agena

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 8B

.rdata Size: 2KB - Virtual size: 2KB

/4 Size: 5KB - Virtual size: 4KB

.bss Size: - Virtual size: 100B

.edata Size: 512B - Virtual size: 68B

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 8B

.rdata
Size: 2KB - Virtual size: 2KB

/4
Size: 5KB - Virtual size: 4KB

.bss
Size: - Virtual size: 100B

.edata
Size: 512B - Virtual size: 68B

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 1KB - Virtual size: 1KB