D:\AtenProject\VSR_Linux\vlsman\Release_No_MySql\vlsman.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 54610a47fa0f5cf44b9c00bfdb270450_NEAS.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 54610a47fa0f5cf44b9c00bfdb270450_NEAS.exe
Resource: win10v2004-20240419-en
General
Target: 54610a47fa0f5cf44b9c00bfdb270450_NEAS
Size: 5.4MB
MD5: 54610a47fa0f5cf44b9c00bfdb270450
SHA1: d5bbaa7d291d4a960edb29bb4ebce291838f0ea4
SHA256: 243937f1cfb543111e13ccae213f5854ab36b81ac9bdab77dee7c91774ef1056
SHA512: 3ad2f15ba8033091c632b0b695e07b77efec666bb7e73abb18e99901decd7ef90355d4d5ce238893e6699ff6975de0658011a8295a7b5fe6905694e3ed109499
SSDEEP: 98304:XVQNOc9YogGCUPE9ZjkTmKgWwb5RVcyjAOtka+muTwhOMOGT37fT2f/IRQ9cvN:lQNOc+ocxzQyIwbCDMoGTLSf/IRQW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 54610a47fa0f5cf44b9c00bfdb270450_NEAS
Files
54610a47fa0f5cf44b9c00bfdb270450_NEAS.exe windows:5 windows x86 arch:x86
03f684de7eeaa120f050d4fa44731781
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
iphlpapi
GetBestInterfaceEx
ConvertInterfaceIndexToLuid
GetBestRoute2
GetIpNetEntry2
ResolveIpNetEntry2
GetAdaptersInfo
GetAdaptersAddresses
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
ws2_32
select
freeaddrinfo
connect
recv
__WSAFDIsSet
getsockname
getpeername
htonl
htons
WSAGetLastError
inet_ntoa
gethostbyname
inet_addr
ntohs
bind
sendto
listen
getsockopt
shutdown
accept
getaddrinfo
socket
setsockopt
send
WSAStartup
ioctlsocket
recvfrom
closesocket
WSACleanup
advapi32
RegisterEventSourceA
ReportEventA
DeregisterEventSource
DeleteService
ControlService
QueryServiceStatus
StartServiceA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
mpr
WNetAddConnection2A
WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum
kernel32
CopyFileA
GetCurrentDirectoryW
FindFirstFileExA
SetEnvironmentVariableA
IsValidLocale
EnumSystemLocalesA
WriteConsoleW
CompareStringW
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
IsValidCodePage
SetHandleCount
GetConsoleCP
GetLocaleInfoW
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetStdHandle
HeapQueryInformation
VirtualQuery
PeekNamedPipe
GetFileInformationByHandle
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
SetConsoleCtrlHandler
ExitProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitThread
GetDateFormatA
GetTimeFormatA
RaiseException
EncodePointer
DecodePointer
RtlUnwind
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
GetNumberFormatA
GetWindowsDirectoryA
GetTempFileNameA
SetErrorMode
GetACP
GetOEMCP
GetCPInfo
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetVolumeInformationA
DuplicateHandle
MoveFileA
lstrcmpiA
lstrcpyA
GetThreadLocale
GlobalFlags
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
ReleaseActCtx
CreateActCtxW
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
FindResourceA
FreeResource
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleHandleW
ActivateActCtx
DeactivateActCtx
SuspendThread
ResumeThread
SetThreadPriority
GlobalSize
GlobalLock
GlobalUnlock
lstrlenW
MulDiv
lstrlenA
GetTickCount
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetDriveTypeW
CreateDirectoryA
GetTempPathA
DeleteFileA
GetLocalTime
FindClose
FindNextFileA
FindFirstFileA
Sleep
CreateThread
InitializeCriticalSection
SetEvent
GetDiskFreeSpaceExA
GlobalFree
GlobalAlloc
WaitForSingleObject
CreateEventA
SystemTimeToFileTime
GetSystemTime
LocalFileTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateFileA
ReadFile
WriteFile
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
GetModuleFileNameA
CloseHandle
MultiByteToWideChar
RemoveDirectoryA
OutputDebugStringA
GetSystemInfo
FreeLibrary
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetVersionExA
GetFileAttributesA
GetComputerNameA
GetCurrentDirectoryA
GetSystemTimes
GetModuleHandleA
DeviceIoControl
FormatMessageA
SetNamedPipeHandleState
WaitNamedPipeA
ReleaseMutex
CreateMutexA
GetTimeZoneInformation
FlushViewOfFile
InterlockedCompareExchange
GetProcessHeap
OutputDebugStringW
WaitForSingleObjectEx
UnmapViewOfFile
UnlockFileEx
UnlockFile
SetFilePointer
SetEndOfFile
QueryPerformanceCounter
MapViewOfFile
LockFileEx
LockFile
LocalFree
LoadLibraryW
HeapCompact
HeapValidate
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExW
GetTempPathW
GetSystemTimeAsFileTime
GetFullPathNameW
GetFullPathNameA
GetFileSize
GetFileAttributesExW
GetFileAttributesW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetCurrentProcessId
FormatMessageW
FlushFileBuffers
DeleteFileW
CreateMutexW
CreateFileMappingW
CreateFileMappingA
CreateFileW
AreFileApisANSI
TryEnterCriticalSection
GetCurrentThreadId
GetVolumeInformationW
GetDriveTypeA
GetLogicalDrives
VirtualAlloc
VirtualFree
GetVersion
GetFileType
GetStdHandle
GlobalMemoryStatus
FlushConsoleInputBuffer
SetLastError
hid
HidP_MaxUsageListLength
HidP_GetSpecificValueCaps
HidP_GetSpecificButtonCaps
HidP_GetCaps
HidD_FreePreparsedData
HidD_GetAttributes
HidD_GetPreparsedData
HidD_GetHidGuid
HidD_SetFeature
HidD_GetFeature
user32
CreatePopupMenu
DestroyAcceleratorTable
SetParent
RedrawWindow
SetWindowRgn
IsZoomed
DestroyMenu
GetMenuItemInfoA
UnregisterClassA
MessageBeep
GetNextDlgTabItem
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
OffsetRect
CharNextA
DestroyIcon
IsIconic
ReleaseCapture
WindowFromPoint
SetCapture
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
InvalidateRect
DeleteMenu
IntersectRect
InflateRect
GetDesktopWindow
NotifyWinEvent
ShowWindow
MoveWindow
SetWindowTextA
ReuseDDElParam
UnpackDDElParam
EndDialog
CreateDialogIndirectParamA
RegisterClipboardFormatA
GetMenuDefaultItem
AppendMenuA
GetMenuStringA
GetMenuState
InvertRect
HideCaret
EnableScrollBar
ValidateRect
GetCursorPos
GetKeyState
SendMessageA
IsWindowVisible
GetActiveWindow
DispatchMessageA
GetAsyncKeyState
SetClassLongA
LoadMenuW
GetSystemMenu
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
FillRect
TabbedTextOutA
DrawTextA
GetIconInfo
GrayStringA
ScreenToClient
ClientToScreen
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
RealChildWindowFromPoint
LoadMenuA
GetWindowDC
BeginPaint
EndPaint
GetSysColor
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
GetWindowThreadProcessId
PostQuitMessage
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SetCursor
ShowOwnedPopups
SetWindowPos
MapDialogRect
SetWindowContextHelpId
GetWindow
WaitMessage
KillTimer
SetTimer
GetSysColorBrush
GetSystemMetrics
LoadCursorA
UnhookWindowsHookEx
SetWindowLongA
GetMenu
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
PtInRect
CopyRect
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
GetWindowRect
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
GetClientRect
UpdateWindow
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
GetMenuItemID
SetMenu
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMonitorInfoA
MonitorFromWindow
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
CopyImage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
DrawIcon
DestroyCursor
GetWindowRgn
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDC
SetFocus
IsWindow
RemovePropA
GetPropA
SetPropA
ReleaseDC
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
GetClassNameA
GetClassLongA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
LoadIconW
RegisterWindowMessageA
CheckDlgButton
IsDialogMessageA
CharUpperA
PostThreadMessageA
PeekMessageA
DrawTextExA
PostMessageA
gdi32
CreateDCA
SetPixelV
CopyMetaFileA
GetDeviceCaps
CreateCompatibleBitmap
GetObjectA
CreateDIBSection
SelectObject
DeleteObject
BitBlt
PatBlt
ExcludeClipRect
GetTextFaceA
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
GetTextExtentPoint32A
GetRgnBox
GetTextColor
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateDIBitmap
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
SaveDC
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
CreateCompatibleDC
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
shell32
SHAppBarMessage
SHGetFolderPathA
ShellExecuteA
SHGetFileInfoA
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHBrowseForFolderA
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecA
PathFileExistsA
StrTrimA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
ole32
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoInitialize
CoUninitialize
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VarBstrFromDate
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
OleCreateFontIndirect
SysAllocString
oledlg
ord8
wsock32
WSASetLastError
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipDrawImageI
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipBitmapUnlockBits
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 150KB - Virtual size: 835KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 696B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 289KB - Virtual size: 289KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ