yofaboom32[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

yofaboom32.exe
Size

3.2MB
MD5

76928ef7f9b53a142193665423f8b63a
SHA1

f4490f2b4683bea1ca134b720dcf678a875283d4
SHA256

cbc21f5d8ab2abd6efe535f0a9685958a600a2ed73f25c3ade292804e764eb63
SHA512

03c061f652a0908075d8c1e8d1bec2e0b6d325e0dbb20b7d5d849ea1c5adc1f3f3be2654a72b2b33af4d474e3d5c6ca32a51b43df168e8077d99f7e8dbd0002c
SSDEEP

49152:ZDNUXQyh9BEKi5C1L/BG7VvZQNCCtHq2C1X1qAl6+XeJYsYi/es:ZD+hbiQXGRRQsCtK2C/XhXe+sYi2s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
yofaboom32.exe

Files

yofaboom32.exe
.exe windows:4 windows x86 arch:x86

38456ebdc5eb59774891ed2ff2d507f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetExitCodeThread
GetFileInformationByHandle
GetFileSize
GetLastError
GetLocaleInfoA
GetLocalTime
GetModuleFileNameW
GetModuleHandleW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcessHeap
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetThreadLocale
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InterlockedCompareExchange
InterlockedExchange
IsProcessorFeaturePresent
LoadResource
LockResource
lstrlenA
lstrlenW
MultiByteToWideChar
OpenEventW
OpenMutexW
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadFile
SetEvent
SetFilePointer
SetLastError
SetThreadPriority
GetExitCodeProcess
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
HeapCreate
GetEnvironmentVariableA
TlsGetValue
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetCurrentProcess
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
RtlUnwind
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCommandLineW
GetACP
FreeResource
FreeLibrary
FlushInstructionCache
FindResourceW
FindResourceExW
FileTimeToSystemTime
DeleteCriticalSection
CreateMutexW
CreateFileW
GetStartupInfoW
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
GetProcAddress
SetUnhandledExceptionFilter

user32

SetClassLongW
SetCursor
SetFocus
SetForegroundWindow
SetRect
SetRectEmpty
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
ShowWindow
SystemParametersInfoW
TranslateMessage
UnregisterClassA
UpdateWindow
WindowFromPoint
VkKeyScanW
MessageBoxA
ReleaseCapture
RegisterWindowMessageW
RegisterClassExW
PtInRect
PostThreadMessageW
SetCapture
PeekMessageW
OpenClipboard
OffsetRect
MoveWindow
MapWindowPoints
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsWindowVisible
IsWindowEnabled
IsWindow
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetSystemMetrics
GetScrollPos
GetParent
GetNextDlgTabItem
SetActiveWindow
SendMessageW
ScreenToClient
PostMessageW
ReleaseDC
GetMessageW
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClipboardData
GetClientRect
GetClassInfoExW
GetActiveWindow
FindWindowW
FindWindowExW
FillRect
EqualRect
EnableWindow
DrawTextW
DrawIconEx
DrawFrameControl
DispatchMessageW
DestroyWindow
DestroyIcon
DestroyCursor
DefWindowProcW
CreateWindowExW
CopyRect
CloseClipboard
ClientToScreen
CallWindowProcW
GetWindowLongW

gdi32

Rectangle
RectInRegion
RestoreDC
SaveDC
SelectObject
SetBkColor
OffsetRgn
SetStretchBltMode
SetTextColor
SetViewportOrgEx
StretchBlt
TextOutW
MoveToEx
LineTo
GetViewportOrgEx
GetTextExtentPoint32W
GetTextColor
SetBkMode
GetObjectW
GetStockObject

comdlg32

GetOpenFileNameW
CommDlgExtendedError
ChooseColorA

advapi32

RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

shlwapi

StrToIntA
PathFileExistsW
PathAddBackslashW
StrToIntW

Sections

.text
Size: 756KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_phead_8
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

38456ebdc5eb59774891ed2ff2d507f5

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

advapi32

shlwapi

Sections

.text Size: 756KB - Virtual size: 752KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 21KB

.rsrc Size: 260KB - Virtual size: 260KB

_phead_8 Size: 2.1MB - Virtual size: 2.1MB

.text
Size: 756KB - Virtual size: 752KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 21KB

.rsrc
Size: 260KB - Virtual size: 260KB

_phead_8
Size: 2.1MB - Virtual size: 2.1MB