044c6daf60622f3eb9546a0312554790_NEAS

Sharing

Copy URL Twitter E-mail

General

Target

044c6daf60622f3eb9546a0312554790_NEAS
Size

26KB
MD5

044c6daf60622f3eb9546a0312554790
SHA1

3f225274d469aef3efd64fd13fd4d839c6c63514
SHA256

626d1a812d7e459c8205717c4eb7f485ac265a05df6347934dd3fc9e98aefed7
SHA512

a59c97e6685e44916c9627218031838bf5894f075b3ee784f6b330680aadf31afa4303b9a721535e3e388841137f88058ac29f75285bd50f0c36298b5d7c3ecc
SSDEEP

384:YWcWxu+0aDuWNjpdE6mm71LiZwAqkkewO3FFF2EaGdBBkEakb5oB5oiEd7nhsLAx:Y1GAaDpdE6mm71GiAqaFFF0GjqBcIR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
044c6daf60622f3eb9546a0312554790_NEAS

Files

044c6daf60622f3eb9546a0312554790_NEAS
.exe windows:6 windows x86 arch:x86

958a0b17e7ebde710fcc669c5b7f7a06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

libllvm-18

_ZN4llvm11raw_ostream5writeEPKcj
_ZN4llvm11raw_ostream5writeEh
_ZN4llvm11raw_ostreamlsEl
_ZN4llvm12MemoryBuffer14getFileOrSTDINERKNS_5TwineEbbNSt3__18optionalINS_5AlignEEE
_ZN4llvm12machineToStrENS_4COFF12MachineTypesE
_ZN4llvm13ErrorInfoBase2IDE
_ZN4llvm14getMachineTypeENS_9StringRefE
_ZN4llvm14identify_magicENS_9StringRefE
_ZN4llvm15SmallVectorBaseIjE8grow_podEPvjj
_ZN4llvm16FileOutputBuffer6createENS_9StringRefEjj
_ZN4llvm16errorCodeToErrorENSt3__110error_codeE
_ZN4llvm16errorToErrorCodeENS_5ErrorE
_ZN4llvm17deallocate_bufferEPvjj
_ZN4llvm20getAsUnsignedIntegerENS_9StringRefEjRy
_ZN4llvm3opt12InputArgList13releaseMemoryEv
_ZN4llvm3opt15GenericOptTableC2ENS_8ArrayRefINS0_8OptTable4InfoEEEb
_ZN4llvm3opt8OptTableD2Ev
_ZN4llvm3sys4path17replace_extensionERNS_15SmallVectorImplIcEERKNS_5TwineENS1_5StyleE
_ZN4llvm3sys4path8filenameENS_9StringRefENS1_5StyleE
_ZN4llvm4errsEv
_ZN4llvm4outsEv
_ZN4llvm6object15WindowsResource12getHeadEntryEv
_ZN4llvm6object15WindowsResource21createWindowsResourceENS_15MemoryBufferRefE
_ZN4llvm6object16ResourceEntryRef8moveNextERb
_ZN4llvm6object21WindowsResourceParser5parseEPNS0_15WindowsResourceERNSt3__16vectorINS4_12basic_stringIcNS4_11char_traitsIcEENS4_9allocatorIcEEEENS9_ISB_EEEE
_ZN4llvm6object21WindowsResourceParserC1Eb
_ZN4llvm6object24writeWindowsResourceCOFFENS_4COFF12MachineTypesERKNS0_21WindowsResourceParserEj
_ZN4llvm8InitLLVMC1ERiRPPKcb
_ZN4llvm8InitLLVMD1Ev
_ZN4llvm9ErrorList2IDE
_ZNK4llvm12MemoryBuffer15getMemBufferRefEv
_ZNK4llvm3opt6Option7matchesENS0_12OptSpecifierE
_ZNK4llvm3opt7ArgList15getAllArgValuesENS0_12OptSpecifierE
_ZNK4llvm3opt7ArgList8getRangeESt16initializer_listINS0_12OptSpecifierEE
_ZNK4llvm3opt8OptTable9ParseArgsENS_8ArrayRefIPKcEERjS6_NS0_10VisibilityE
_ZNK4llvm3opt8OptTable9printHelpERNS_11raw_ostreamEPKcS5_bbNS0_10VisibilityE
_ZNK4llvm5Twine5printERNS_11raw_ostreamE
_ZNK4llvm6object21WindowsResourceParser9printTreeERNS_11raw_ostreamE
_ZTVN4llvm13ScopedPrinterE
_ZTVN4llvm9ErrorListE

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

libc++

_ZNKSt3__110error_code7messageEv
_ZNSt3__115system_categoryEv
_ZNSt3__119__shared_weak_count14__release_weakEv
_ZNSt3__122__libcpp_verbose_abortEPKcz
_ZdlPv
_Znwj
__cxa_pure_virtual

msvcrt

__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_initterm
_iob
_onexit
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
memmove
signal
strlen
strncmp
time
vfprintf

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eh_fram
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

958a0b17e7ebde710fcc669c5b7f7a06

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libllvm-18

kernel32

libc++

msvcrt

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 6KB - Virtual size: 6KB

.buildid Size: 512B - Virtual size: 53B

.data Size: 512B - Virtual size: 172B

.eh_fram Size: 1KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 8B

.reloc Size: 1024B - Virtual size: 916B

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 6KB - Virtual size: 6KB

.buildid
Size: 512B - Virtual size: 53B

.data
Size: 512B - Virtual size: 172B

.eh_fram
Size: 1KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 8B

.reloc
Size: 1024B - Virtual size: 916B