33edd9ac7f20da7b7afbcc111f13de10_NEAS

Sharing

Copy URL

Twitter E-mail

General

Target

33edd9ac7f20da7b7afbcc111f13de10_NEAS
Size

3.7MB
MD5

33edd9ac7f20da7b7afbcc111f13de10
SHA1

57db4862ba2c2e6dfa8e1b0aac760f8c89509dc7
SHA256

d3ca4b3e49624f799f2452de315439641479beaab65a7e65ba5275e889d1e23b
SHA512

8d49dcb3d01a7e349e1dc06c50c4cdf92bdd9a08f25fcf3d8505ebef2f20db45d9c07ba509e06b4848f8a218e1f4776994e159ee498778e2eaf74a09a98e50dd
SSDEEP

98304:Iaa9ciIQge980cKl4wFSvvCp23xFjg60dM:ta9RlHSx3xFjgm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33edd9ac7f20da7b7afbcc111f13de10_NEAS

Files

33edd9ac7f20da7b7afbcc111f13de10_NEAS
.dll windows:6 windows x86 arch:x86

b708065e23be7ec00d9ae20df41ed6ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\jenkins\workspace\kagrelease-premium\label\vm-win10-build\Game\Juxta.pdb

Imports

ws2_32

WSACleanup
WSAStartup
gethostbyname
socket
setsockopt
select
listen
inet_ntoa
inet_addr
htonl
connect
closesocket
bind
accept
__WSAFDIsSet
ntohs
ntohl
htons
send
freeaddrinfo
WSAGetLastError
WSARecvFrom
WSASendTo
ioctlsocket
recv
getaddrinfo

winmm

timeBeginPeriod
timeGetTime
timeEndPeriod

irrlicht

createDeviceEx
createDevice
?IdentityMatrix@core@irr@@3V?$CMatrix4@M@12@B

irrklang

?createIrrKlangDevice@irrklang@@YAPAVISoundEngine@1@W4E_SOUND_OUTPUT_DRIVER@1@HPBD1@Z

libcurl

curl_easy_setopt
curl_easy_init
curl_easy_perform
curl_easy_cleanup
curl_slist_append
curl_multi_info_read
curl_multi_cleanup
curl_multi_perform
curl_multi_remove_handle
curl_multi_add_handle
curl_multi_init
curl_easy_reset
curl_easy_getinfo
curl_easy_strerror
curl_slist_free_all

sdl

SDL_CreateMutex
SDL_mutexP
SDL_mutexV
SDL_DestroyMutex
SDL_CreateThread
SDL_WaitThread
SDL_GetError
SDL_KillThread

steam_api

SteamAPI_Shutdown
SteamAPI_UnregisterCallback
SteamAPI_RegisterCallback
SteamUserStats
SteamAPI_IsSteamRunning
SteamAPI_Init
SteamUser
SteamApps
SteamUtils
SteamFriends
SteamAPI_RunCallbacks

kernel32

CloseHandle
GetFileTime
FindNextFileA
FindFirstFileA
FindClose
CreateFileW
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
DisableThreadLibraryCalls
GetProcAddress
InitializeSListHead
IsDebuggerPresent
GetFileAttributesA
MoveFileExA
IsProcessorFeaturePresent
DeleteCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId

shell32

ShellExecuteA

msvcp140

?widen@?$ctype@_W@std@@QBE_WD@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
?id@?$ctype@D@std@@2V0locale@2@A
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?id@?$ctype@_W@std@@2V0locale@2@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Xout_of_range@std@@YAXPBD@Z
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z

vcruntime140

__current_exception_context
__current_exception
strstr
strchr
__RTDynamicCast
strrchr
__std_type_info_name
memchr
__std_type_info_destroy_list
memset
_except_handler4_common
memcpy
__CxxFrameHandler3
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__std_terminate
memmove
_purecall

api-ms-win-crt-runtime-l1-1-0

perror
system
abort
_cexit
_initterm
_register_onexit_function
_errno
strerror
_crt_atexit
exit
_execute_onexit_table
_initialize_onexit_table
_initterm_e
terminate
_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

malloc
free
realloc
_callnewh

api-ms-win-crt-stdio-l1-1-0

_get_stream_buffer_pointers
fgets
ferror
feof
__stdio_common_vfwprintf
__stdio_common_vfscanf
fgetc
__stdio_common_vsnprintf_s
fgetpos
__stdio_common_vsprintf
__stdio_common_vsscanf
puts
__stdio_common_vsprintf_s
fputc
__stdio_common_vfprintf
ungetc
setvbuf
tmpnam
fseek
ftell
rewind
putc
_fseeki64
getc
fwrite
fread
fopen
fopen_s
_getcwd
fflush
fclose
__acrt_iob_func
fsetpos
__stdio_common_vswprintf

api-ms-win-crt-time-l1-1-0

strftime
_gmtime64
_ctime64
_time64
_mktime64
_localtime64

api-ms-win-crt-string-l1-1-0

strncat
strncmp
strtok
isalnum
strncpy
strpbrk
_strdup
tolower
toupper

api-ms-win-crt-filesystem-l1-1-0

_access
_unlock_file
_lock_file
_wchdir
remove
_mkdir

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-math-l1-1-0

_finite
_libm_sse2_acos_precise
_libm_sse2_log_precise
ceil
_libm_sse2_atan_precise
_libm_sse2_tan_precise
_libm_sse2_asin_precise
modf
_libm_sse2_sqrt_precise
_libm_sse2_cos_precise
_libm_sse2_sin_precise
floor
_CIatan2
_libm_sse2_pow_precise
_CIfmod
__libm_sse2_pow

api-ms-win-crt-convert-l1-1-0

strtod
wcstol
atol
_itoa
_wtof
atoi

api-ms-win-crt-locale-l1-1-0

setlocale

Exports

Exports

GameDLLInit
asAcquireExclusiveLock
asAcquireSharedLock
asAtomicDec
asAtomicInc
asCreateLockableSharedBool
asCreateScriptEngine
asGetActiveContext
asGetLibraryOptions
asGetLibraryVersion
asGetThreadManager
asPrepareMultithread
asReleaseExclusiveLock
asReleaseSharedLock
asResetGlobalMemoryFunctions
asSetGlobalMemoryFunctions
asThreadCleanup
asUnprepareMultithread

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b708065e23be7ec00d9ae20df41ed6ba

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

winmm

irrlicht

irrklang

libcurl

sdl

steam_api

kernel32

shell32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 519KB - Virtual size: 519KB

.data Size: 34KB - Virtual size: 6.6MB

.rsrc Size: 1024B - Virtual size: 748B

.reloc Size: 175KB - Virtual size: 174KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 519KB - Virtual size: 519KB

.data
Size: 34KB - Virtual size: 6.6MB

.rsrc
Size: 1024B - Virtual size: 748B

.reloc
Size: 175KB - Virtual size: 174KB