yandi[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

1

yandi.exe

windows7-x64

yandi.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

yandi.exe

Resource

win7-20230220-en

quasar stealerium bigfis spyware stealer themida trojan

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

yandi.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

12 signatures

150 seconds

General

Target

yandi.exe
Size

27.0MB
MD5

628ef85da2276618c00a61794d9b0ae8
SHA1

6ea6b2c1eb84bcab7cc07608efd130c0fd2dec0a
SHA256

5cd433402b80eb5c05b6bdfaaacea035e50dc3ae0e9781d2b8c725401621ee51
SHA512

66a82e37d32edb84c106b4ff013359ba1409c2d24db524b0ee8f9983801c92fc9ca98ae5cf0689405d35a3b2c0bfc9c6ff63353f6f56393c3b94a67f57175fb6
SSDEEP

192:5ucYR8AtNdPZ6Gygw2NSbzphrUG+5Ar5WIhjWN69vXHcVS6LokMaYalvVp+pGdRt:uR8AtNdPZ6Gy24zTeqvXdkMcHggnOlu

Score

1^/10

Malware Config

Signatures

Files

yandi.exe
.exe windows x86

699cc9570c233cf12692f95447a4cdc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

ShellExecuteA

msvcrt

__argc
__argv
_environ
_XcptFilter
memset
__set_app_type
_controlfp
__getmainargs
exit

kernel32

SetUnhandledExceptionFilter

Sections

.text
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy