yuplay[.]exe | Triage

Sharing

General

Target

yuplay.exe
Size

313KB
MD5

aa530fc34de60347ab824504af88ac4e
SHA1

bb383ccf5f44165e0dad74c0e6a54deded6e1b26
SHA256

fab272012d934f75915cd888f213e8857c390086363351eab3bf69f19ce67b65
SHA512

92ba5d47547f2584d3fa472ae3d73d72d13bb8549e06d1a11a0f7c365f1248ea5ea951dcb874d9eb50d28fbc6188f08b873f5b6e57686f39a9edf079d3e0f5ef
SSDEEP

6144:naI0eNzU5YCJ7L4Q51GDIfd4UgqCuZKtTeuZLmHwzJ6pgE3OaamHQ:aUNz41L40+IW5q7edaQzM3Oq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
yuplay.exe

Files

yuplay.exe
.exe windows:5 windows x86 arch:x86

5763fb03d6465d8444e70d306d6af487

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

DefWindowProcA

Sections

.text
Size: - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RLD1
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RLD0
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RLD2
Size: - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RLD3
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ