988766d8a73e2c753d9419be2d719100_NEAS

Sharing

Copy URL Twitter E-mail

General

Target

988766d8a73e2c753d9419be2d719100_NEAS
Size

1.1MB
MD5

988766d8a73e2c753d9419be2d719100
SHA1

4541ca07fcc87b28fdbc179c31d4d027cf70eb59
SHA256

4984e864321bd1bf1c03609c566a62c39b511d5d6596adc055a89d11e2937369
SHA512

cf23b63ac468e914e8eabfdbafb3b08ae6f29dc7941850b488d35d01b653e83c9719f81c5c419aebe224bd30ffbd31ece0c3e11be934ba2c285585d86e3864c3
SSDEEP

12288:1lltCfrpl6YqFRYoWkv4BdpwWfREHFSRprul6YqFRYoWX:0pQ1KoWkv4BdNaHFepuQ1KoWX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
988766d8a73e2c753d9419be2d719100_NEAS

Files

988766d8a73e2c753d9419be2d719100_NEAS
.exe windows:5 windows x86 arch:x86

2a286c812b14139ad076c42465bbcc72

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\perforce\ATE-II\ECDU\Release\ECDU.pdb

Imports

msvcr100

_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
??3@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
_crt_debugger_hook
__FrameUnwindFilter
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
memmove
?__ExceptionPtrCopy@@YAXPAXPBX@Z
_CxxThrowException
??2@YAPAXI@Z
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
clock
wcstombs_s
??_U@YAPAXI@Z
isspace
strtod
strcat_s
sprintf_s
remove
_cexit
_amsg_exit
??_V@YAXPAX@Z

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCommState
SetCommState
CreateFileA
CloseHandle
Sleep
SetupComm
GetVersion
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
WriteFile

ipav_api

ar_putword
ser_get_string
ser_put_string
ar_getnext
ar_get_error
ser_set_baud_rate
ser_set_comm_config
ser_reset_comm
ser_enable_comm
ar_set_ip429hd_config
ar_loadslv
ar_go
ar_reset
ar_close

nicaiu

DAQmxCreateDIChan
DAQmxClearTask
DAQmxStopTask
DAQmxGetExtendedErrorInfo
DAQmxWriteDigitalLines
DAQmxStartTask
DAQmxCreateDOChan
DAQmxCreateTask
DAQmxWaitUntilTaskDone
DAQmxCreateAOVoltageChan
DAQmxWriteAnalogF64
DAQmxSetWriteRelativeTo
DAQmxCfgImplicitTiming
DAQmxCfgDigEdgeStartTrig
DAQmxReadDigitalLines
DAQmxCreateCOPulseChanFreq
DAQmxCfgSampClkTiming

smu2060

ord6
ord55
ord1
ord68
ord20
ord42
ord40
ord10
ord54
ord51
ord53
ord52
ord38
ord8
ord12
ord4
ord2

usbtoi2cpro

ord29
ord23
ord39
ord33

wpcap

pcap_compile
pcap_freealldevs
pcap_lookupnet
pcap_findalldevs_ex
pcap_open
pcap_close
pcap_sendpacket
pcap_next_ex
pcap_setfilter

visa32

ord141
ord129
ord130
ord132
ord131
ord271
ord269

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Xout_of_range@std@@YAXPBD@Z

mscoree

_CorExeMain

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 647KB - Virtual size: 647KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 8.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a286c812b14139ad076c42465bbcc72

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr100

kernel32

ipav_api

nicaiu

smu2060

usbtoi2cpro

wpcap

visa32

msvcp100

mscoree

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 647KB - Virtual size: 647KB

.data Size: 26KB - Virtual size: 8.9MB

.rsrc Size: 261KB - Virtual size: 260KB

.reloc Size: 32KB - Virtual size: 32KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 647KB - Virtual size: 647KB

.data
Size: 26KB - Virtual size: 8.9MB

.rsrc
Size: 261KB - Virtual size: 260KB

.reloc
Size: 32KB - Virtual size: 32KB