576a4339636bc76145d41a5d59c42230_NEAS

Sharing

Copy URL Twitter E-mail

General

Target

576a4339636bc76145d41a5d59c42230_NEAS
Size

9.0MB
MD5

576a4339636bc76145d41a5d59c42230
SHA1

087779cffa73a46e701f180edb2da9394da7d929
SHA256

bb52d46badfbdd17fc3e522bebc55c8f795b840532d4a2043a23b5e2dd588699
SHA512

7d15056a1f1eadd619a8c04744405d7a0cdfe0f3fbb4b5d2b3df003811f4e277390ba1be468d6c278449a9ff23b1d1ead459b56731785ad85fd50bc5c046eeb2
SSDEEP

196608:F4yDahYUANpGgjOaBskobRfIQvNih2dstC:yiaOUl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
576a4339636bc76145d41a5d59c42230_NEAS

Files

576a4339636bc76145d41a5d59c42230_NEAS
.exe windows:4 windows x86 arch:x86

e179043de780dc86711621376a0188ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libtesseract-5

_Z7tfscanfP6_iobufPKcz
_ZN9tesseract10MakeSampleEPNS_9CLUSTEREREPKfj
_ZN9tesseract10ParamUtils14ReadParamsFileEPKcNS_18SetParamConstraintEPNS_13ParamsVectorsE
_ZN9tesseract10ScrollView10AwaitEventENS_11SVEventTypeE
_ZN9tesseract10ScrollView5ClearEv
_ZN9tesseract10ScrollView6UpdateEv
_ZN9tesseract10ShapeTable10AddToShapeEjii
_ZN9tesseract10ShapeTable11DeSerializeEPNS_5TFileE
_ZN9tesseract10ShapeTable11MergeShapesEjj
_ZN9tesseract10ShapeTable18AppendMasterShapesERKS0_PSt6vectorIiSaIiEE
_ZN9tesseract10ShapeTable8AddShapeERKNS_5ShapeE
_ZN9tesseract10ShapeTable8AddShapeEii
_ZN9tesseract10ShapeTableC1ERKNS_10UNICHARSETE
_ZN9tesseract10ShapeTableC1Ev
_ZN9tesseract10UNICHARMAP5clearEv
_ZN9tesseract10UNICHARSET10add_scriptEPKc
_ZN9tesseract10UNICHARSET14load_from_fileEP6_iobufb
_ZN9tesseract10UNICHARSET14unichar_insertEPKcNS_18OldUncleanUnicharsE
_ZN9tesseract10UNICHARSET15post_load_setupEv
_ZN9tesseract10UNICHARSET16kCustomLigaturesE
_ZN9tesseract10UNICHARSET20kSpecialUnicharCodesE
_ZN9tesseract10UNICHARSET21AppendOtherUnicharsetERKS0_
_ZN9tesseract10UNICHARSET29PartialSetPropertiesFromOtherEiRKS0_
_ZN9tesseract10UNICHARSETC1Ev
_ZN9tesseract10UNICHARSETD1Ev
_ZN9tesseract11TessBaseAPI7VersionEv
_ZN9tesseract12GlobalParamsEv
_ZN9tesseract12IndexMapBiDi11DeSerializeEbP6_iobuf
_ZN9tesseract12IndexMapBiDi14CompleteMergesEv
_ZN9tesseract12IndexMapBiDi4InitEib
_ZN9tesseract12IndexMapBiDi5MergeEii
_ZN9tesseract12IndexMapBiDi5SetupEv
_ZN9tesseract12IndexMapBiDi6SetMapEib
_ZN9tesseract12IndexMapBiDiD1Ev
_ZN9tesseract13CHAR_FRAGMENT17parse_from_stringEPKc
_ZN9tesseract13FontInfoTable6MoveToEPNS_12UnicityTableINS_8FontInfoEEE
_ZN9tesseract13FontInfoTableC1Ev
_ZN9tesseract13FontInfoTableD1Ev
_ZN9tesseract13FreeProtoListEPPNS_8list_recE
_ZN9tesseract13InitIntegerFXEv
_ZN9tesseract13MakeClustererEsPKNS_10PARAM_DESCE
_ZN9tesseract13MergeClustersEsPNS_10PARAM_DESCEiiPfS2_S2_
_ZN9tesseract14MakeBoxFileStrEPKcRKNS_4TBOXEiRNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN9tesseract14TrainingSample13IndexFeaturesERKNS_15IntFeatureSpaceE
_ZN9tesseract14TrainingSample15ExtractCharDescEiiiiPNS_16CHAR_DESC_STRUCTE
_ZN9tesseract14TrainingSampleD1Ev
_ZN9tesseract14kCNFeatureTypeE
_ZN9tesseract15ComputeDistanceEiPNS_10PARAM_DESCEPfS2_
_ZN9tesseract15InitFeatureDefsEPNS_19FEATURE_DEFS_STRUCTE
_ZN9tesseract15IntFeatureSpace4InitEhhh
_ZN9tesseract15IntFeatureSpaceC1Ev
_ZN9tesseract15ParseBoxFileStrEPKcPiRNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEPNS_4TBOXE
_ZN9tesseract15ShapeClassifier12DebugDisplayERKNS_14TrainingSampleENS_5ImageEi
_ZN9tesseract15kGeoFeatureTypeE
_ZN9tesseract15kIntFeatureTypeE
_ZN9tesseract16FeatureDirectionEh
_ZN9tesseract16RenderIntFeatureEPNS_10ScrollViewEPKNS_18INT_FEATURE_STRUCTENS0_5ColorE
_ZN9tesseract17kMicroFeatureTypeE
_ZN9tesseract19ReadCharDescriptionERKNS_19FEATURE_DEFS_STRUCTEP6_iobuf
_ZN9tesseract20INT_TEMPLATES_STRUCTD1Ev
_ZN9tesseract22ShortNameToFeatureTypeERKNS_19FEATURE_DEFS_STRUCTEPKc
_ZN9tesseract23ClearFeatureSpaceWindowENS_11NORM_METHODEPNS_10ScrollViewE
_ZN9tesseract24CreateFeatureSpaceWindowEPKcii
_ZN9tesseract4pushEPNS_8list_recEPv
_ZN9tesseract5Image7destroyEv
_ZN9tesseract5STATS3addEii
_ZN9tesseract5STATSC1Eii
_ZN9tesseract5STATSD1Ev
_ZN9tesseract5Shape10AddToShapeEii
_ZN9tesseract5TFile4OpenEPKcPFbS2_PSt6vectorIcSaIcEEE
_ZN9tesseract5TFileC1Ev
_ZN9tesseract5TFileD1Ev
_ZN9tesseract6CCUtilC1Ev
_ZN9tesseract6CCUtilD1Ev
_ZN9tesseract7UNICHAR11UTF32ToUTF8B5cxx11ERKSt6vectorIiSaIiEE
_ZN9tesseract7UNICHAR11UTF8ToUTF32EPKc
_ZN9tesseract7UNICHAR14const_iteratorppEv
_ZN9tesseract7UNICHAR3endEPKci
_ZN9tesseract7UNICHAR5beginEPKci
_ZN9tesseract7destroyEPNS_8list_recE
_ZN9tesseract7tprintfEPKcz
_ZN9tesseract8Classify17WriteIntTemplatesEP6_iobufPNS_20INT_TEMPLATES_STRUCTERKNS_10UNICHARSETE
_ZN9tesseract8Classify18CreateIntTemplatesEPNS_12CLASS_STRUCTERKNS_10UNICHARSETE
_ZN9tesseract8ClassifyC1Ev
_ZN9tesseract9BitVector4InitEi
_ZN9tesseract9BitVectoraSERKS0_
_ZN9tesseract9FreeClassEPNS_12CLASS_STRUCTE
_ZN9tesseract9push_lastEPNS_8list_recEPv
_ZNK9tesseract10ShapeTable10SummaryStrB5cxx11Ev
_ZNK9tesseract10ShapeTable18MergedUnicharCountEjj
_ZNK9tesseract10ShapeTable22MasterDestinationIndexEj
_ZNK9tesseract10ShapeTable8DebugStrB5cxx11Ej
_ZNK9tesseract10ShapeTable9FindShapeEii
_ZNK9tesseract10ShapeTable9SerializeEP6_iobuf
_ZNK9tesseract10UNICHARSET13id_to_unicharEi
_ZNK9tesseract10UNICHARSET13unichar_to_idEPKc
_ZNK9tesseract10UNICHARSET14save_to_stringERNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNK9tesseract10UNICHARSET16contains_unicharEPKc
_ZNK9tesseract10UNICHARSET18UNICHAR_PROPERTIES13AnyRangeEmptyEv
_ZNK9tesseract10UNICHARSET9debug_strB5cxx11Ei
_ZNK9tesseract12IndexMapBiDi11MapFeaturesERKSt6vectorIiSaIiEEPS3_
_ZNK9tesseract12IndexMapBiDi9SerializeEP6_iobuf
_ZNK9tesseract13FontInfoTable25SetContainsFontPropertiesEiRKSt6vectorINS_10ScoredFontESaIS2_EE
_ZNK9tesseract13FontInfoTable33SetContainsMultipleFontPropertiesERKSt6vectorINS_10ScoredFontESaIS2_EE
_ZNK9tesseract13FontInfoTable9SerializeEP6_iobuf
_ZNK9tesseract14TrainingSample14RandomizedCopyEi
_ZNK9tesseract14TrainingSample15DisplayFeaturesENS_10ScrollView5ColorEPS1_
_ZNK9tesseract15IntFeatureSpace16XYToFeatureIndexEii
_ZNK9tesseract15IntFeatureSpace17PositionFromIndexEi
_ZNK9tesseract15IntFeatureSpace20IndexAndSortFeaturesEPKNS_18INT_FEATURE_STRUCTEiPSt6vectorIiSaIiEE
_ZNK9tesseract15IntFeatureSpace9SerializeEP6_iobuf
_ZNK9tesseract5STATS5printEv
_ZNK9tesseract5Shape15ContainsUnicharEi
_ZNK9tesseract7ERRCODE5errorEPKcNS_16TessErrorLogCodeES2_z
_ZNK9tesseract7UNICHAR14const_iterator8utf8_lenEv
_ZNK9tesseract7UNICHAR14const_iteratordeEv
_ZTVN9tesseract12IndexMapBiDiE

kernel32

DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

liblept-5

pixReadFromMultipageTiff

msvcrt

__getmainargs
__initenv
__lconv_init
__mb_cur_max
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_assert
_cexit
_errno
_initterm
_iob
_lock
_onexit
_unlock
abort
atoi
calloc
clearerr
clock
exit
fclose
feof
ferror
fgets
fopen
fprintf
fputc
fputs
fread
free
fwrite
getc
islower
isspace
isupper
isxdigit
localeconv
malloc
memcmp
memcpy
memmove
memset
realloc
setlocale
signal
strchr
strcmp
strerror
strlen
strncmp
strncpy
strstr
strtol
strtoul
tan
tolower
ungetc
vfprintf
wcslen
_unlink

icuin64

_ZN6icu_6414Transliterator14createInstanceERKNS_13UnicodeStringE15UTransDirectionR10UErrorCode

icuuc64

_ZN6icu_6411Normalizer211getInstanceEPKcS2_19UNormalization2ModeR10UErrorCode
_ZN6icu_6413UnicodeStringC1EPKc
_ZN6icu_6413UnicodeStringC1EPKcS2_
_ZN6icu_6413UnicodeStringC1Ei
_ZN6icu_6413UnicodeStringD1Ev
_ZN6icu_647UMemorydlEPv
_ZN6icu_649ErrorCode5resetEv
_ZN6icu_649ErrorCodeD2Ev
_ZNK6icu_6413UnicodeString11moveIndex32Eii
_ZNK6icu_6413UnicodeString8char32AtEi
_ZNK6icu_649ErrorCode13assertSuccessEv
_ZNK6icu_649ErrorCode9errorNameEv
_ZTVN6icu_6413UnicodeStringE
u_charDirection_64
u_charMirror_64
u_charType_64
u_hasBinaryProperty_64
u_isISOControl_64
u_isUWhiteSpace_64
u_isalpha_64
u_isdigit_64
u_islower_64
u_ispunct_64
u_isupper_64
u_tolower_64
u_toupper_64
uscript_getName_64
uscript_getScript_64

libgcc_s_sjlj-1

_Unwind_SjLj_Register
_Unwind_SjLj_Resume
_Unwind_SjLj_Unregister
__divdi3
__udivdi3
__umoddi3

libstdc++-6

_ZNKSt8__detail20_Prime_rehash_policy14_M_need_rehashEjjj
_ZNSi10_M_extractIdEERSiRT_
_ZNSt6locale7classicEv
_ZNSt6localeC1Ev
_ZNSt6localeD1Ev
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_replaceEjjPKcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6resizeEjc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_appendEPKcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERjj
_ZNSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEE7_M_syncEPcjj
_ZNSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEED1Ev
_ZNSt8ios_baseC2Ev
_ZNSt8ios_baseD2Ev
_ZNSt9basic_iosIcSt11char_traitsIcEE4initEPSt15basic_streambufIcS1_E
_ZNSt9basic_iosIcSt11char_traitsIcEE5imbueERKSt6locale
_ZSt17__throw_bad_allocv
_ZSt19__throw_logic_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt25__throw_bad_function_callv
_ZTTNSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEEE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVNSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEEE
_ZTVNSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEEE
_ZTVSt15basic_streambufIcSt11char_traitsIcEE
_ZTVSt9basic_iosIcSt11char_traitsIcEE
_ZdaPv
_ZdaPvj
_ZdlPv
_ZdlPvj
_Znaj
_Znwj
__cxa_begin_catch
__cxa_end_catch
__cxa_pure_virtual
__cxa_rethrow
__cxa_throw_bad_array_new_length
__gxx_personality_sj0

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 807KB - Virtual size: 807KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e179043de780dc86711621376a0188ec

Headers

File Characteristics

Imports

libtesseract-5

kernel32

liblept-5

msvcrt

icuin64

icuuc64

libgcc_s_sjlj-1

libstdc++-6

Sections

.text Size: 200KB - Virtual size: 200KB

.data Size: 512B - Virtual size: 200B

.rdata Size: 16KB - Virtual size: 16KB

.bss Size: - Virtual size: 5KB

.idata Size: 13KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

/4 Size: 3KB - Virtual size: 2KB

/19 Size: 7.2MB - Virtual size: 7.2MB

/31 Size: 111KB - Virtual size: 111KB

/45 Size: 302KB - Virtual size: 301KB

/57 Size: 26KB - Virtual size: 26KB

/70 Size: 73KB - Virtual size: 72KB

/81 Size: 807KB - Virtual size: 807KB

/92 Size: 102KB - Virtual size: 101KB

.text
Size: 200KB - Virtual size: 200KB

.data
Size: 512B - Virtual size: 200B

.rdata
Size: 16KB - Virtual size: 16KB

.bss
Size: - Virtual size: 5KB

.idata
Size: 13KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

/4
Size: 3KB - Virtual size: 2KB

/19
Size: 7.2MB - Virtual size: 7.2MB

/31
Size: 111KB - Virtual size: 111KB

/45
Size: 302KB - Virtual size: 301KB

/57
Size: 26KB - Virtual size: 26KB

/70
Size: 73KB - Virtual size: 72KB

/81
Size: 807KB - Virtual size: 807KB

/92
Size: 102KB - Virtual size: 101KB