Static task
static1
Behavioral task
behavioral1
Sample
YTSubConverter.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
YTSubConverter.exe
Resource
win10v2004-20231215-en
General
-
Target
YTSubConverter.exe
-
Size
442KB
-
MD5
9ddd628024f7dea0c02947c4e9834243
-
SHA1
6430bc10a5764a0409051c498f2e65b1ab7ab73f
-
SHA256
418ed6b02888e3cc004579b7028b556fb2e13f7854ba3708e9d2a92537deb114
-
SHA512
643d1e97df6833a2e70eaaeeabc6fe3cb8bdadc6b7fcd922b04135b4248f993c245203c89a5ace922c93190c3640765bf7889ed61cf79e78d4c1767bd19f5e29
-
SSDEEP
6144:+BYypZi8EGoYXcdr/SMe1l/ZjamqelmxjJhWo2U78:EJpwSl8mqfVJY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource YTSubConverter.exe
Files
-
YTSubConverter.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 343KB - Virtual size: 343KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 97KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ