YoutubersLife[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

YoutubersLife.exe
Size

16.1MB
MD5

2d9a3a9344e79cd8ea3d794fcc4a0225
SHA1

29535d2ba77f67f31d6989359c62749d27437d0d
SHA256

82cee6fc05adf18a422c4a8793814d926c984d760ac285fe0e688b28f378eacb
SHA512

6e3d8a9d59f63830f213c3fdeb2b7bee5a27f1a216342521d9427d5050dcbeace75497a7c58eacf919f918c2ada4a7c0faa0ff6917661102a32dc817ce8f150c
SSDEEP

393216:Y6GKQxXx6kMLQKb/ymemZ7xhgPBGI9ato1gh7LWluK4ahoIQSozwyhyWW0VTj2Yv:OWVKozwyh/WQaK91

Score

1^/10

Malware Config

Signatures

Files

YoutubersLife.exe
.exe windows x86

33475c061532253a72235fa1fbe7ad8a

Code Sign

da:b9:fd:2d:cd:a6:5d:f8:6f:b5:27:f2:75:a9:03:90
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/01/2016, 00:00

Not After

11/01/2017, 23:59

Subject

CN=U-Play Studios,O=U-Play Studios,POSTALCODE=08027,STREET=Av. Meridiana 350 7C,L=Barcelona,ST=Barcelona,C=ES,2.5.4.18=#13053038303237

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:27:59:f1:6d:0f:d6:19:b1:fd:34:98:b4:74:43:bd:1f:03:10:e2
Signer

Actual PE Digest

b8:27:59:f1:6d:0f:d6:19:b1:fd:34:98:b4:74:43:bd:1f:03:10:e2

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=U-Play Studios,O=U-Play Studios,POSTALCODE=08027,STREET=Av. Meridiana 350 7C,L=Barcelona,ST=Barcelona,C=ES,2.5.4.18=#13053038303237

02/02/2023, 17:54
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

hid

HidP_GetCaps
HidD_GetHidGuid
HidD_GetProductString
HidP_GetButtonCaps
HidP_GetValueCaps
HidP_MaxDataListLength
HidP_GetData
HidD_FreePreparsedData
HidD_GetPreparsedData

gdi32

SwapBuffers
CreateDIBSection
GetObjectA
DeleteObject
GetDeviceCaps
SetPixelFormat
ChoosePixelFormat
CreateBitmap

user32

SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
MessageBoxA
CopyRect
OffsetRect
GetAncestor
UnregisterClassW
GetDesktopWindow
EnumDisplaySettingsA
AdjustWindowRectEx
GetWindowPlacement
ChangeDisplaySettingsA
GetDlgItem
SetWindowLongA
CreateDialogParamA
SetWindowPos
GetWindowRect
GetParent
GetThreadDesktop
GetUserObjectInformationA
EnumWindows
RegisterWindowMessageA
SendMessageA
SendMessageTimeoutA
LoadIconA
MessageBoxW
SetForegroundWindow
GetRawInputDeviceList
GetRawInputDeviceInfoW
GetRawInputData
RegisterRawInputDevices
DispatchMessageA
TranslateMessage
PtInRect
GetClientRect
GetWindowLongA
GetMessageExtraInfo
CreateIconIndirect
ReleaseDC
GetDC
GetSystemMetrics
SetCursor
LoadCursorA
DestroyCursor
DefWindowProcW
DestroyWindow
CreateWindowExW
SetClipboardData
CloseClipboard
EndDialog
DialogBoxParamW
IsIconic
RegisterClassExW
RegisterDeviceNotificationW
SystemParametersInfoW
wsprintfA
WindowFromPoint
UnregisterDeviceNotification
ReleaseCapture
SetCapture
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
ShowWindow
ClipCursor
ClientToScreen
GetAsyncKeyState
ScreenToClient
IsWindowVisible
GetCursorPos
GetKeyState
GetProcessWindowStation
GetUserObjectInformationW
wvsprintfA
MonitorFromWindow
GetCaretBlinkTime
UpdateWindow
PeekMessageA
GetMessageA
ValidateRect
EnumDisplayDevicesA
EnumDisplayMonitors
EmptyClipboard
GetMonitorInfoA
SetFocus
GetFocus
ShowCursor
SetCursorPos
LoadImageA
GetWindowLongW
SetWindowLongW
PostQuitMessage
RegisterClassW
SetWindowTextW
CopyImage
EnableWindow
MsgWaitForMultipleObjects
DispatchMessageW
IsDialogMessageW
PeekMessageW
CreateDialogParamW
CheckDlgButton
IsDlgButtonChecked
DialogBoxParamA

advapi32

CryptDestroyHash
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
GetUserNameA
RegCreateKeyW
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
CryptDestroyKey
CryptVerifySignatureA
CryptImportKey
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
RegisterEventSourceA
ReportEventA
DeregisterEventSource
CryptGetHashParam

ws2_32

WSAEnumNetworkEvents
WSASetEvent
bind
getpeername
getprotobyname
recv
getsockname
gethostbyname
ntohl
send
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSAWaitForMultipleEvents
WSACreateEvent
WSACloseEvent
WSAEventSelect
select
__WSAFDIsSet
ntohs
freeaddrinfo
getsockopt
WSASetLastError
setsockopt
ioctlsocket
gethostname
socket
WSAGetLastError
htons
connect
sendto
recvfrom
WSAIoctl
getaddrinfo
getnameinfo
accept
WSACleanup
shutdown
WSAResetEvent
closesocket
htonl
inet_ntoa
WSAStartup
inet_addr
listen

kernel32

SetWaitableTimer
OpenEventA
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
InitializeSListHead
GetThreadPriority
SetThreadAffinityMask
SwitchToThread
VirtualFree
VirtualAlloc
VirtualProtect
InterlockedExchangeAdd
CreateWaitableTimerA
GetProcessAffinityMask
FlushConsoleInputBuffer
ExpandEnvironmentStringsA
VerifyVersionInfoA
GetVersion
GetProcessHeap
CreateFileA
GetSystemDirectoryA
SetEnvironmentVariableA
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
InterlockedExchange
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TerminateProcess
UnhandledExceptionFilter
GetLocaleInfoW
InterlockedIncrement
HeapCreate
GetStdHandle
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitThread
DuplicateHandle
SetConsoleCtrlHandler
WriteConsoleW
SignalObjectAndWait
CreateMutexW
FlushInstructionCache
HeapSize
HeapQueryInformation
ExitProcess
EncodePointer
DecodePointer
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
SetErrorMode
GlobalMemoryStatus
CreateSemaphoreW
VirtualQuery
GetFileTime
lstrlenA
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileSize
TerminateThread
GetTimeZoneInformation
GetLocalTime
FormatMessageA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
GetWindowsDirectoryW
ResetEvent
InitializeCriticalSection
IsDebuggerPresent
GetSystemTimeAsFileTime
SetThreadPriority
TryEnterCriticalSection
LeaveCriticalSection
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
GetFileInformationByHandle
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
SleepEx
SetEvent
SetDllDirectoryW
GetFullPathNameW
GetCurrentDirectoryA
PeekNamedPipe
GetVersionExA
GetDriveTypeA
GetModuleFileNameA
GetFileAttributesA
FindFirstFileExA
ReadConsoleInputA
GetEnvironmentVariableA
OutputDebugStringA
SetConsoleMode
GetFullPathNameA
GetTickCount
InterlockedCompareExchange
CreateSemaphoreA
CloseHandle
Sleep
WaitForSingleObjectEx
ReleaseSemaphore
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
CreateEventA
MultiByteToWideChar
GetProcAddress
FreeLibrary
GetModuleHandleW
LoadLibraryW
GetLastError
WideCharToMultiByte
ReadFile
SetFilePointerEx
WriteFile
SetFilePointer
SetEndOfFile
GetFileAttributesExW
CreateFileW
SetFileAttributesW
GetFileAttributesW
CopyFileW
MoveFileExW
FindClose
FindNextFileW
FindFirstFileW
FindFirstFileExW
CreateDirectoryW
RemoveDirectoryW
DeleteFileW
SetFileTime
SystemTimeToFileTime
GetSystemTime
GetDiskFreeSpaceExA
GetModuleFileNameW
QueryPerformanceFrequency
QueryPerformanceCounter
LocalFree
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
lstrcpynA
lstrcpyA
lstrcpynW
GetCommandLineW
CancelIo
GetOverlappedResult
CreateEventW
ExpandEnvironmentStringsW
CreateMutexA
GetCurrentThreadId
VerifyVersionInfoW
VerSetConditionMask
GetCurrentProcess
GetVersionExW
GetSystemInfo
GlobalMemoryStatusEx
GetUserDefaultLangID
InterlockedDecrement
GetComputerNameW
GetTempPathW
LoadLibraryA
GetCurrentProcessId
SetUnhandledExceptionFilter
WaitForSingleObject
CreateThread
GetCurrentDirectoryW
OpenEventW
DebugBreak
SetLastError
ResumeThread
GetThreadContext
SuspendThread
GetCurrentThread
GetDriveTypeW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA

ole32

PropVariantClear
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
StringFromGUID2
CoCreateInstance
CoSetProxyBlanket

shlwapi

PathCanonicalizeW
PathFileExistsW
SHDeleteKeyW

shell32

ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW
SHFileOperationW

opengl32

glColor4f
glColorPointer
glEnableClientState
glVertexPointer
glNormalPointer
glTexCoordPointer
glDisableClientState
glIsTexture
glLoadIdentity
glGetTexParameteriv
glTexSubImage2D
glPixelStorei
glCopyTexSubImage2D
glReadBuffer
glGetBooleanv
glGetError
glTexParameterf
glDrawElements
glDrawArrays
glGetIntegerv
glGenTextures
glBindTexture
glTexImage2D
glTexParameteri
glReadPixels
glDeleteTextures
glFinish
glDrawBuffer
glScissor
glViewport
glGetFloatv
glMultMatrixf
glMatrixMode
glLoadMatrixf
glPolygonMode
glFrontFace
glClearColor
glClearDepth
glClearStencil
glClear
glStencilMask
glDepthFunc
glDepthMask
glCullFace
glPolygonOffset
glColorMask
glDisable
glBlendFunc
glEnable
glGetString
wglGetCurrentDC
wglGetCurrentContext
wglCreateContext
wglDeleteContext
wglShareLists
wglGetProcAddress
wglMakeCurrent

winmm

waveOutPrepareHeader
waveInReset
waveInOpen
waveInStart
waveInGetDevCapsW
waveInGetDevCapsA
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveOutGetPosition
timeGetTime
timeEndPeriod
timeBeginPeriod
waveInGetNumDevs
waveOutGetNumDevs
waveOutGetDevCapsA
waveOutGetDevCapsW
waveOutClose
waveOutOpen
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveInClose

oleaut32

VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocString

imm32

ImmSetCompositionStringW
ImmReleaseContext
ImmSetOpenStatus
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetConversionStatus
ImmGetContext

dnsapi

DnsFree
DnsQuery_A

iphlpapi

GetIpAddrTable

winhttp

WinHttpGetIEProxyConfigForCurrentUser

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 12.9MB - Virtual size: 12.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 554KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 539KB - Virtual size: 538KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33475c061532253a72235fa1fbe7ad8a

Code Sign

da:b9:fd:2d:cd:a6:5d:f8:6f:b5:27:f2:75:a9:03:90Certificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

b8:27:59:f1:6d:0f:d6:19:b1:fd:34:98:b4:74:43:bd:1f:03:10:e2Signer

Signature Validations

Verification

02/02/2023, 17:54 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

hid

gdi32

user32

advapi32

ws2_32

kernel32

version

ole32

shlwapi

shell32

opengl32

winmm

oleaut32

imm32

dnsapi

iphlpapi

winhttp

Exports

Exports

Sections

.text Size: 12.9MB - Virtual size: 12.9MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 317KB - Virtual size: 1.1MB

.trace Size: 7KB - Virtual size: 7KB

.data1 Size: 512B - Virtual size: 64B

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 554KB - Virtual size: 553KB

.reloc Size: 539KB - Virtual size: 538KB

da:b9:fd:2d:cd:a6:5d:f8:6f:b5:27:f2:75:a9:03:90
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

b8:27:59:f1:6d:0f:d6:19:b1:fd:34:98:b4:74:43:bd:1f:03:10:e2
Signer

02/02/2023, 17:54
Valid: false

.text
Size: 12.9MB - Virtual size: 12.9MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 317KB - Virtual size: 1.1MB

.trace
Size: 7KB - Virtual size: 7KB

.data1
Size: 512B - Virtual size: 64B

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 554KB - Virtual size: 553KB

.reloc
Size: 539KB - Virtual size: 538KB