Static task: static1
Behavioral task: behavioral1
Sample: yAABA.tmp.dll
Resource: win7-20220414-en
General
Target: yAABA.tmp.bin
Size: 820KB
MD5: e9334bc1f6db1fe8db13e17c47299c74
SHA1: da12f863b1c4f437efc8a5faa8e04e32439eb479
SHA256: a7628a09046bc9f9144ecf506ef5a399befb8a985b028db8032a40ae0f96cf86
SHA512: b2e10ccb89dc2ec23a824cf9c39d76c698f3f1f4a3498c1fcc7b68a73a9a15e28aac512a010c769582b965d544ee558cfdc2e59a672dd7e782826e9776640d95
SSDEEP: 12288:ZFZW8c0TFI/j10/rXizXiivm7yzL0MccCV8YPsWulsgEmsqahe3f0:M1OIQrSzXiiu7yzL7tYPsWx5aak
Files
yAABA.tmp.bin.dll windows x86
a6add3ee6681055674d116203cbe3e3c
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
ole32: MkParseDisplayName
advapi32: LookupPrivilegeDisplayNameW, GetSecurityDescriptorControl
kernel32: GetCommConfig, lstrcmpiA, GetCommModemStatus, WaitForSingleObjectEx, CloseHandle, GetModuleHandleW, OutputDebugStringA, DeviceIoControl, Module32Next
shell32: ExtractAssociatedIconExW
secur32: InitializeSecurityContextA
powrprof: ReadPwrScheme
gdi32: GetOutlineTextMetricsW, DeleteDC, DeleteColorSpace
msvcrt: memset, _time64
user32: IsWindow, GetScrollInfo, GetUserObjectInformationA, GetClipboardFormatNameA, GetClientRect, ExitWindowsEx
Sections
.text Size: 96KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 548KB - Virtual size: 547KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 156KB - Virtual size: 165KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ