yaya[.]sp[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

yaya.sp.exe
Size

37.1MB
MD5

d44e5ac3e0e8945ecb7157957e296f18
SHA1

0ce9a164680099da30d9894a682d5a7760894165
SHA256

490183e200d1ea3c04c3fb18d19e3b600c03a6b28bb3619570c2e64bc9c1905e
SHA512

9083a2ba995c44a793baac30ad90965ba1e244772056e8dd40a13810762c71de01729c9c0b5a397bcdce7019e6a4769c9d8c86dc75a279ef7ac900ba171ab66e
SSDEEP

786432:TkpzYXiGpSX8a/66X4/C8L/plOg6q/TpFEB8e97K8TVTSn:AzvCSLzX/GDOg6Ke9+8TV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
yaya.sp.exe

Files

yaya.sp.exe
.exe windows x86

861f5857e6a13a449231db2a5b94ec88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamStop

ws2_32

recvfrom

rasapi32

RasHangUpA

kernel32

SetLastError

user32

ChildWindowFromPointEx

gdi32

LineTo

winspool.drv

DocumentPropertiesA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

OleRun

oleaut32

UnRegisterTypeLi

comctl32

ImageList_GetIcon

wininet

InternetCanonicalizeUrlA

wldap32

ord29

comdlg32

ChooseFontA

Exports

Exports

e2ee_CacheClear
e2ee_CacheDecr
e2ee_CacheDelete
e2ee_CacheExists
e2ee_CacheGet
e2ee_CacheGetMulti
e2ee_CacheGetMultiText
e2ee_CacheGetText
e2ee_CacheIncr
e2ee_CacheSet
e2ee_CacheSetExpire
e2ee_CacheSetText

Sections

.text
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 718KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 4.4MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 26.2MB - Virtual size: 26.2MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 4KB - Virtual size: 375B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

861f5857e6a13a449231db2a5b94ec88

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

wldap32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 1.8MB

.rdata Size: - Virtual size: 1.7MB

.data Size: - Virtual size: 718KB

.rsrc Size: 2.9MB - Virtual size: 2.9MB

.svmp1 Size: - Virtual size: 4.4MB

.svmp2 Size: 5.8MB - Virtual size: 5.8MB

.svmp3 Size: 2.1MB - Virtual size: 2.1MB

.svmp4 Size: 26.2MB - Virtual size: 26.2MB

.svmp5 Size: 4KB - Virtual size: 375B

.text
Size: - Virtual size: 1.8MB

.rdata
Size: - Virtual size: 1.7MB

.data
Size: - Virtual size: 718KB

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

.svmp1
Size: - Virtual size: 4.4MB

.svmp2
Size: 5.8MB - Virtual size: 5.8MB

.svmp3
Size: 2.1MB - Virtual size: 2.1MB

.svmp4
Size: 26.2MB - Virtual size: 26.2MB

.svmp5
Size: 4KB - Virtual size: 375B