General

  • Target

    Nezur_Loader.zip

  • Size

    130.1MB

  • MD5

    96f8c60093835d781cf3f38bc723cf30

  • SHA1

    dcfd69d864d71e23045bd458a91c012dcc0df354

  • SHA256

    1a7351453a89de23e71805704199af17fcd0aa1e39fb7e0376c23d786d34404c

  • SHA512

    ab3034a3c541abf595a9b9041860d6f9e29245592ea1fe5442f15845d13c4d7dd33e8cd4dee5f294172bc62d0896fc05502fa0b258dc995d300861e86bf293fa

  • SSDEEP

    3145728:yMbMTzRZz8957gzyytuaF7Mnnj1Bw8CzoahPmOreHw6NX6rQ:yMbMT1Yh4VtuaFl8ehPqQ6NCQ

Score
3/10

Malware Config

Signatures

  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 22 IoCs

    Checks for missing Authenticode signature.

Files

  • Nezur_Loader.zip
    .zip
  • Bin/Aim/_internal.zip
    .zip
  • _internal/VCRUNTIME140.dll
    .dll windows:6 windows x64 arch:x64

    7f07fd94e5bb907093556781cc464017


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/VCRUNTIME140_1.dll
    .dll windows:6 windows x64 arch:x64

    72707e942878aac770fcc118ce3ec1c9


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_asyncio.pyd
    .dll windows:6 windows x64 arch:x64

    4e35d4f382a6e5820e4db9b220964fe1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_bz2.pyd
    .dll windows:6 windows x64 arch:x64

    a36962884764276bb35985709aa4e40d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_ctypes.pyd
    .dll windows:6 windows x64 arch:x64

    c7e678778370beefa2be60d7f0444c52


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_decimal.pyd
    .dll windows:6 windows x64 arch:x64

    b4bc8290ce36e458b7f80d6ab6e100dd


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_hashlib.pyd
    .dll windows:6 windows x64 arch:x64

    a8173ef8679f8544a88e355945112c77


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_lzma.pyd
    .dll windows:6 windows x64 arch:x64

    b865edd9b0c291111893fc2b523f7264


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_multiprocessing.pyd
    .dll windows:6 windows x64 arch:x64

    9ff0f8f78fa8876d3d00f9ec2aa78b75


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_overlapped.pyd
    .dll windows:6 windows x64 arch:x64

    1f6b0816935b9dea5ee9898c98097635


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_queue.pyd
    .dll windows:6 windows x64 arch:x64

    efe3e840cb4904222351e9b7f17afea3


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_socket.pyd
    .dll .js windows:6 windows x64 arch:x64 polyglot

    de62106114a70bb3c0dfb5c6513e0ba1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_ssl.pyd
    .dll windows:6 windows x64 arch:x64

    13fce691387104194c39d61bca67aa4e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/_wmi.pyd
    .dll windows:6 windows x64 arch:x64

    7e3fdc8d0eb0570a9b19a000cd6e731d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/api-ms-win-core-console-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-datetime-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-debug-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-errorhandling-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-file-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-file-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-file-l2-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-handle-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-heap-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-interlocked-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-libraryloader-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-localization-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-memory-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-namedpipe-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-processenvironment-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-processthreads-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-processthreads-l1-1-1.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-profile-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-rtlsupport-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-string-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-synch-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-synch-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-sysinfo-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-timezone-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-core-util-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-conio-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-convert-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-environment-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-filesystem-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-heap-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-locale-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-math-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-private-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-process-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-runtime-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-stdio-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-string-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-time-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/api-ms-win-crt-utility-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/base_library.zip
    .zip
  • _collections_abc.pyc
  • _weakrefset.pyc
  • abc.pyc
  • codecs.pyc
  • collections/__init__.pyc
  • collections/abc.pyc
  • copyreg.pyc
  • encodings/__init__.pyc
  • encodings/aliases.pyc
  • encodings/ascii.pyc
  • encodings/base64_codec.pyc
  • encodings/big5.pyc
  • encodings/big5hkscs.pyc
  • encodings/bz2_codec.pyc
  • encodings/charmap.pyc
  • encodings/cp037.pyc
  • encodings/cp1006.pyc
  • encodings/cp1026.pyc
  • encodings/cp1125.pyc
  • encodings/cp1140.pyc
  • encodings/cp1250.pyc
  • encodings/cp1251.pyc
  • encodings/cp1252.pyc
  • encodings/cp1253.pyc
  • encodings/cp1254.pyc
  • encodings/cp1255.pyc
  • encodings/cp1256.pyc
  • encodings/cp1257.pyc
  • encodings/cp1258.pyc
  • encodings/cp273.pyc
  • encodings/cp424.pyc
  • encodings/cp437.pyc
  • encodings/cp500.pyc
  • encodings/cp720.pyc
  • encodings/cp737.pyc
  • encodings/cp775.pyc
  • encodings/cp850.pyc
  • encodings/cp852.pyc
  • encodings/cp855.pyc
  • encodings/cp856.pyc
  • encodings/cp857.pyc
  • encodings/cp858.pyc
  • encodings/cp860.pyc
  • encodings/cp861.pyc
  • encodings/cp862.pyc
  • encodings/cp863.pyc
  • encodings/cp864.pyc
  • encodings/cp865.pyc
  • encodings/cp866.pyc
  • encodings/cp869.pyc
  • encodings/cp874.pyc
  • encodings/cp875.pyc
  • encodings/cp932.pyc
  • encodings/cp949.pyc
  • encodings/cp950.pyc
  • encodings/euc_jis_2004.pyc
  • encodings/euc_jisx0213.pyc
  • encodings/euc_jp.pyc
  • encodings/euc_kr.pyc
  • encodings/gb18030.pyc
  • encodings/gb2312.pyc
  • encodings/gbk.pyc
  • encodings/hex_codec.pyc
  • encodings/hp_roman8.pyc
  • encodings/hz.pyc
  • encodings/idna.pyc
  • encodings/iso2022_jp.pyc
  • encodings/iso2022_jp_1.pyc
  • encodings/iso2022_jp_2.pyc
  • encodings/iso2022_jp_2004.pyc
  • encodings/iso2022_jp_3.pyc
  • encodings/iso2022_jp_ext.pyc
  • encodings/iso2022_kr.pyc
  • encodings/iso8859_1.pyc
  • encodings/iso8859_10.pyc
  • encodings/iso8859_11.pyc
  • encodings/iso8859_13.pyc
  • encodings/iso8859_14.pyc
  • encodings/iso8859_15.pyc
  • encodings/iso8859_16.pyc
  • encodings/iso8859_2.pyc
  • encodings/iso8859_3.pyc
  • encodings/iso8859_4.pyc
  • encodings/iso8859_5.pyc
  • encodings/iso8859_6.pyc
  • encodings/iso8859_7.pyc
  • encodings/iso8859_8.pyc
  • encodings/iso8859_9.pyc
  • encodings/johab.pyc
  • encodings/koi8_r.pyc
  • encodings/koi8_t.pyc
  • encodings/koi8_u.pyc
  • encodings/kz1048.pyc
  • encodings/latin_1.pyc
  • encodings/mac_arabic.pyc
  • encodings/mac_croatian.pyc
  • encodings/mac_cyrillic.pyc
  • encodings/mac_farsi.pyc
  • encodings/mac_greek.pyc
  • encodings/mac_iceland.pyc
  • encodings/mac_latin2.pyc
  • encodings/mac_roman.pyc
  • encodings/mac_romanian.pyc
  • encodings/mac_turkish.pyc
  • encodings/mbcs.pyc
  • encodings/oem.pyc
  • encodings/palmos.pyc
  • encodings/ptcp154.pyc
  • encodings/punycode.pyc
  • encodings/quopri_codec.pyc
  • encodings/raw_unicode_escape.pyc
  • encodings/rot_13.pyc
  • encodings/shift_jis.pyc
  • encodings/shift_jis_2004.pyc
  • encodings/shift_jisx0213.pyc
  • encodings/tis_620.pyc
  • encodings/undefined.pyc
  • encodings/unicode_escape.pyc
  • encodings/utf_16.pyc
  • encodings/utf_16_be.pyc
  • encodings/utf_16_le.pyc
  • encodings/utf_32.pyc
  • encodings/utf_32_be.pyc
  • encodings/utf_32_le.pyc
  • encodings/utf_7.pyc
  • encodings/utf_8.pyc
  • encodings/utf_8_sig.pyc
  • encodings/uu_codec.pyc
  • encodings/zlib_codec.pyc
  • enum.pyc
  • functools.pyc
  • genericpath.pyc
  • heapq.pyc
  • io.pyc
  • keyword.pyc
  • linecache.pyc
  • locale.pyc
  • ntpath.pyc
  • operator.pyc
  • os.pyc
  • posixpath.pyc
  • re/__init__.pyc
  • re/_casefix.pyc
  • re/_compiler.pyc
  • re/_constants.pyc
  • re/_parser.pyc
  • reprlib.pyc
  • sre_compile.pyc
  • sre_constants.pyc
  • sre_parse.pyc
  • stat.pyc
  • traceback.pyc
  • types.pyc
  • warnings.pyc
  • weakref.pyc
  • _internal/config.ini
  • _internal/cv2/__init__.py
  • _internal/cv2/config-3.py
  • _internal/cv2/config.py
  • _internal/cv2/cv2.pyd
    .dll windows:6 windows x64 arch:x64

    fdb60962d39032bef360837cc6049a9c


    Headers

    Imports

    Exports

    Sections

  • _internal/cv2/data/__init__.py
  • _internal/cv2/gapi/__init__.py
  • _internal/cv2/load_config_py3.py
  • _internal/cv2/mat_wrapper/__init__.py
  • _internal/cv2/misc/__init__.py
  • _internal/cv2/misc/version.py
  • _internal/cv2/opencv_videoio_ffmpeg481_64.dll
    .dll windows:4 windows x64 arch:x64

    e4d00c955bbef72b9e6d22e33ed39ef2


    Headers

    Imports

    Exports

    Sections

  • _internal/cv2/typing/__init__.py
  • _internal/cv2/utils/__init__.py
  • _internal/cv2/version.py
  • _internal/libcrypto-3.dll
    .dll windows:6 windows x64 arch:x64

    40bce6a23883072a66c68006f08e105c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/libffi-8.dll
    .dll windows:6 windows x64 arch:x64

    3dc8b86d60f90a1851eee5f9dc191312


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/libssl-3.dll
    .dll windows:6 windows x64 arch:x64

    d7b4c2840f7d9940b920a4860e6a80b5


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/numpy.libs/libopenblas64__v0.3.23-293-gc2f4bdbb-gcc_10_3_0-2bde3a66a51006b2b53eb373ff767a3f.dll
    .dll windows:4 windows x64 arch:x64

    0192801a74ab651a7e6801eb031117e5


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/core/_multiarray_tests.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    f348f09e73d4e021cebb56432f40b2a0


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/core/_multiarray_umath.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    71b735f38add843b466579b8f0b1b1d3


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/fft/_pocketfft_internal.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    881d1c66e3d28fe70ac556b790242e4e


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/linalg/_umath_linalg.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    333a6da450f01331b0f3132254a3f5e6


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/random/_bounded_integers.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    74ec45d3035a0a004d5141ffe64fcd6d


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/random/_common.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    9b78db7d5e2e6f4f24872b8e02fc4de0


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/random/_generator.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    031049d0f2da08f99fe199c9d5a5ceb0


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/random/_mt19937.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    a4548ad2653489eeb3526cec840cad75


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/random/_pcg64.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    4df68f9f0d4adacc4a14dcbe271857bc


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/random/_philox.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    df89d2c3f8368ea731401d4e6973816f


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/random/_sfc64.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    39196fb2bbff505952aa1c99528383b5


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/random/bit_generator.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    8c0a7fc114089a4a80930d13233acfdf


    Headers

    Imports

    Exports

    Sections

  • _internal/numpy/random/mtrand.cp312-win_amd64.pyd
    .dll windows:6 windows x64 arch:x64

    3094cfb0ebbdbd4c98f39ae43fe28697


    Headers

    Imports

    Exports

    Sections

  • _internal/psutil/_psutil_windows.pyd
    .dll windows:6 windows x64 arch:x64

    7655a95700b7d9f6fc1f226e258e1235


    Headers

    Imports

    Exports

    Sections

  • _internal/pyexpat.pyd
    .dll windows:6 windows x64 arch:x64

    cf5b5f91e5aeac3c5953a0b69a300283


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/python3.dll
    .dll windows:6 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • _internal/python312.dll
    .dll windows:6 windows x64 arch:x64

    dce053bb13a45d9d368c681724aa9e53


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/pywin32_system32/pywintypes312.dll
    .dll windows:6 windows x64 arch:x64

    1932dc7308cebcb6a466b352c2b3e5cc


    Headers

    Imports

    Exports

    Sections

  • _internal/select.pyd
    .dll windows:6 windows x64 arch:x64

    e41677fc9cd5514cd954ce2ce19e425c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/ucrtbase.dll
    .dll windows:10 windows x64 arch:x64

    5ae9a136fafa10321f3d48251bf4f6a1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/unicodedata.pyd
    .dll windows:6 windows x64 arch:x64

    a3519e9a1b69560ea1c5fe43fd626ac5


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _internal/version.txt
  • _internal/win32/win32api.pyd
    .dll windows:6 windows x64 arch:x64

    409a2c6c7728752ffdaf229681d7bcf1


    Headers

    Imports

    Exports

    Sections

  • _internal/win32/win32pdh.pyd
    .dll windows:6 windows x64 arch:x64

    c36a2453a11035377e69ac470356482f


    Headers

    Imports

    Exports

    Sections

  • Bin/Aim/nezuraim.exe
    .exe windows:5 windows x64 arch:x64

    bae3d3e8262d7ce7e9ee69cc1b630d3a


    Headers

    Imports

    Sections

  • aimsource.pyc
  • Bin/Models/Arsenal.onnx
  • Bin/Models/BladeBall.onnx
  • Bin/Models/DaHood.onnx
  • Bin/Models/PhantomForces.onnx
  • Bin/Models/Universal.onnx
  • DirectML.dll
    .dll windows:6 windows x64 arch:x64

    de90869f37e914fc01b99c913f65b5b5


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Nezur.exe
    .exe windows:6 windows x64 arch:x64

    90d2464c05751e0163b327ef7e8a4518


    Headers

    Imports

    Sections

  • onnxruntime.dll
    .dll windows:6 windows x64 arch:x64

    39e1a29a795654c064e5e6ee1d09c320


    Code Sign

    Headers

    Imports

    Exports

    Sections