Static task
static1
General
Target: Yugi_Pc.exe
Size: 1.7MB
MD5: 1cf221dc312d568c309e649b69b3c3b7
SHA1: 94c3278a13ee93ae37bfde5e405569f8a493ba6e
SHA256: 1e5d81b1e44edf09e91addab582ef963694aa285e4be5eb5ad8e0ce4ab04664c
SHA512: d2ea43606e377fdfdef7403703c1b9895700553d2fe6ca34166754c95e32b841f58c7470d4213622719f94f389e13183b62f22264872215f379e0c3580f96493
SSDEEP: 24576:AnjN4ovenltvcBM5Jn5HSR3LHu3HnS5BUUzxKhoQyksOKTUyx8K1HJbFxR3IcKmB:SyVKIJPKdaFrW/Nop7O
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Yugi_Pc.exe
Files
-
Yugi_Pc.exe.exe windows x86
a476e2f10a251af1695fb3d18ee7323e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTempFileNameA
GetTempPathA
GetCurrentDirectoryA
WriteFile
DeleteFileA
GetModuleHandleA
lstrcpynA
LocalFree
LocalUnlock
LocalLock
ReleaseMutex
CreateMutexA
GetModuleFileNameA
FindResourceA
SetEndOfFile
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualProtect
GetCurrentProcessId
QueryPerformanceCounter
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
lstrcpyA
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
LCMapStringW
LCMapStringA
HeapSize
GetCurrentProcess
TerminateProcess
ExitProcess
HeapReAlloc
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
TlsFree
GetVersionExA
GetCommandLineA
GetStartupInfoA
CreateThread
ResumeThread
TlsGetValue
TlsSetValue
ExitThread
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
HeapFree
lstrcmpA
lstrcatA
lstrlenA
FindFirstFileA
FindNextFileA
FindClose
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
CreateFileA
GetFileSize
ReadFile
SetFilePointer
MultiByteToWideChar
GlobalFree
GetTickCount
GlobalAlloc
GlobalSize
GlobalReAlloc
GetLastError
CreateEventA
WaitForSingleObject
CloseHandle
SetEvent
LoadLibraryA
GetProcAddress
WideCharToMultiByte
GetSystemTimeAsFileTime
RaiseException
FreeLibrary
MulDiv
CreateDirectoryA
Sleep
VirtualFree
RtlUnwind
user32
GetMenu
GetMenuState
DrawMenuBar
GetActiveWindow
GetMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
PostMessageA
MapVirtualKeyA
SendMessageA
CheckMenuItem
GetDC
GetCursorPos
EndPaint
BeginPaint
AdjustWindowRect
wvsprintfA
OffsetRect
ClientToScreen
GetWindow
GetKeyboardLayout
GetKeyboardState
ReleaseDC
ToAscii
SetRect
MessageBoxA
wsprintfA
PostQuitMessage
GetWindowRect
GetTopWindow
ScreenToClient
GetWindowThreadProcessId
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
SetFocus
DestroyWindow
SetMenu
SetWindowLongA
GetWindowLongA
ShowCursor
GetSystemMetrics
DefWindowProcA
CallWindowProcA
SetWindowPos
IntersectRect
SetCursorPos
GetClientRect
WINNLSEnableIME
EnumWindows
ShowWindow
SetForegroundWindow
gdi32
GetStockObject
GetSystemPaletteEntries
SetBkColor
TextOutW
CreateFontA
GetTextExtentPoint32W
SetBkMode
SetTextColor
GetDeviceCaps
CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteDC
DeleteObject
SetDIBitsToDevice
advapi32
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
ole32
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
oleaut32
OleLoadPicture
winmm
joyGetDevCapsA
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
joyGetPosEx
joyGetNumDevs
joyGetPos
timeGetTime
msacm32
acmFormatSuggest
acmStreamOpen
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmStreamSize
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 4.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ