YanoDeobfuscator[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

YanoDeobfuscator.exe
Size

15KB
MD5

c8631d8dde3602b2d9cf64f5e53fe41a
SHA1

80ef6fa5a1dd86c8f8f2514100c1b4586434e0a7
SHA256

bf7520c2511feaaf300e68475990fe9442a53746c07a83077f3be0d6cd28af22
SHA512

79c2c3c8719b365731ed00c75d3088b4912537730bb597677ed5c40c258726b9b1facb5056946098399ad49e2b06b17d01b4c71d81ce104a813980b96bb4c437
SSDEEP

192:2A6cf97Op37kRfoIvpuaEFy2g7zIrA3CsghEPKQxOwrT640Rq+vE1:vNBOp37GfJRuDFg7zIASrEH9rQrvE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
YanoDeobfuscator.exe

Files

YanoDeobfuscator.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\samjam53\Documents\GitHub\YanoDeobfuscator\obj\Debug\YanoDeobfuscator.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ