44bd45f43008076d4773d066551a5fe0_NEAS

Sharing

Copy URL

Twitter E-mail

General

Target

44bd45f43008076d4773d066551a5fe0_NEAS
Size

3.2MB
MD5

44bd45f43008076d4773d066551a5fe0
SHA1

807f663747f9a76dc3aacbe48125bc780ebe4ce6
SHA256

083406e0be68b63bfe1186507b71029c848f94f9e83e9b4cb8770746f7616fbe
SHA512

5fd5b8873066c1a25288843923346b76d820d45e211cd69d5a06bcfbeba6d960510c68133058591fbf05a803904d4d18773abdb3dc6f7447691bfa3b76a0da39
SSDEEP

24576:PQoodoLu75P0HzruEC/D04qZukZbc6Qd2naFiQ70xOa7AZGxTnbTVQQGD8wuK3Wj:P4EvLZo2aFskU5bTVQQKWwwc3IyXc/t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44bd45f43008076d4773d066551a5fe0_NEAS

Files

44bd45f43008076d4773d066551a5fe0_NEAS
.exe windows:5 windows x86 arch:x86

3ce7a62b59c8b627921e36829b6e7094

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr110

_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
exit
_exit
_cexit
_ismbblead
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_acmdln
_fmode
_commode
_except_handler4_common
__crtSetUnhandledExceptionFilter
_lock
_controlfp_s
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
?terminate@@YAXXZ
realloc
frexp
_CIpow
ldexp
ceil
_ftol
floor
_errno
calloc
_libm_sse2_sqrt_precise
atol
__mb_cur_max
_isctype
_pctype
strncmp
memchr
qsort
strrchr
strncpy
memmove
ferror
_purecall
_CItanh
_CIsinh
_CIcosh
_mkdir
_time64
_ctime64
_chdir
_getcwd
_setjmp3
longjmp
__iob_func
__libm_sse2_atan2
printf
feof
__libm_sse2_expf
??2@YAPAXI@Z
fgets
ftell
fseek
__libm_sse2_tanf
__libm_sse2_powf
__libm_sse2_pow
__libm_sse2_logf
__libm_sse2_log
_endthread
_beginthread
fread
__libm_sse2_cos
__libm_sse2_asinf
rand
__libm_sse2_sin
__libm_sse2_acosf
__libm_sse2_acos
sscanf
memset
memcpy
__libm_sse2_atanf
sprintf
fwrite
fprintf
fopen
fclose
__libm_sse2_sinf
__libm_sse2_cosf
__CxxFrameHandler3
malloc
free
??3@YAXPAX@Z
_invoke_watson

d3d9

Direct3DCreate9

d3dx9_43

D3DXAssembleShader
D3DXMatrixInverse
D3DXMatrixMultiply
D3DXCreateEffect
D3DXMatrixPerspectiveFovLH
D3DXMatrixOrthoLH

ws2_32

WSAStartup
gethostname
WSAGetLastError
WSACancelBlockingCall
inet_addr
gethostbyname
socket
setsockopt
send
recv
listen
htons
ioctlsocket
connect
closesocket
bind
accept
WSACleanup

kernel32

LoadLibraryA
FindClose
TerminateThread
SetThreadPriority
CreateThread
GetProcAddress
FreeLibrary
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteFileA
FindNextFileA
EncodePointer
DecodePointer
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
IsDebuggerPresent
FindFirstFileA
ExitThread

user32

RegisterClassA
UnregisterClassA
CreateWindowExA
DestroyWindow
ShowWindow
MoveWindow
CreateDialogParamA
SetFocus
GetKeyState
GetSystemMetrics
SetForegroundWindow
GetDC
ReleaseDC
InvalidateRect
ValidateRect
RedrawWindow
SetWindowTextA
GetClientRect
GetWindowRect
GetCursorPos
CreateCaret
PostQuitMessage
ScreenToClient
DestroyCursor
LoadIconA
GetWindowModuleFileNameA
SetCursorPos
LoadCursorA
GetParent
SetCursor
UpdateWindow
SetDlgItemTextA
GetDlgItem
EndDialog
SendMessageA
DialogBoxParamA
GetDesktopWindow
DefWindowProcA
PostMessageA
PeekMessageA
DispatchMessageA
ShowCaret
TranslateMessage

gdi32

SetTextAlign
CreateDIBSection
GetObjectA
SelectObject
SetTextColor
GetStockObject
SetMapMode
SetBkColor
DeleteObject
DeleteDC
CreateFontA
ExtTextOutA
GetTextExtentPoint32A
CreateCompatibleDC

shell32

DragQueryFileA
DragFinish
ShellExecuteA
SHGetSpecialFolderPathA

dsound

ord2
ord11

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 66.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 653KB - Virtual size: 653KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ce7a62b59c8b627921e36829b6e7094

Headers

DLL Characteristics

File Characteristics

Imports

msvcr110

d3d9

d3dx9_43

ws2_32

kernel32

user32

gdi32

shell32

dsound

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 275KB - Virtual size: 275KB

.data Size: 173KB - Virtual size: 66.8MB

.rsrc Size: 653KB - Virtual size: 653KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 275KB - Virtual size: 275KB

.data
Size: 173KB - Virtual size: 66.8MB

.rsrc
Size: 653KB - Virtual size: 653KB