yfga_game[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

yfga_game.exe
Size

46.5MB
MD5

7b26e82fcd63dbe32d59abf2b45b135b
SHA1

03d246895eabfb72a5a207cdb69c4740136b2447
SHA256

2e8e6a9486bfb3bdf692db13835274a23185749b57c896832894bb424e197442
SHA512

0ab9009f778759b07f1eb3c6f093c77b2e6ae28f4a22b68abbfcd973f2bcf7f2099b1d9390fd118a394042cba191b7b5699b162def1beaab94387145e51453a0
SSDEEP

786432:J7Ud58tChs1g2uzRY7KPB8NUc3sXEPeEwkHYvgctIKpJZXnfsrQl92Z3tHDUOsj1:5t96W76B0HkGUvgcaKpDPBl92HHDdsGy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
yfga_game.exe

Files

yfga_game.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\SerGreen\Source\Repos\Appacker\Unpacker\obj\Release\Unpacker.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ