PUP.GameHack.HYA
Analysis Report
General information
| Family Name: | PUP.GameHack.HYA |
|---|---|
| Signature status: | No Signature |
Known Samples
This section lists other file samples believed to be associated with this family.
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have security information
- File is 32-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Icons
This section displays icon resources found within family samples. Malware often replicates icons commonly associated with legitimate software to mislead users into believing the malware is safe.
File Traits
- HighEntropy
- No Version Info
- x86
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.
| Total Blocks: | 290 |
|---|---|
| Potentially Malicious Blocks: | 8 |
| Whitelisted Blocks: | 282 |
| Unknown Blocks: | 0 |
Visual Map
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block
Files Modified
This section lists files that were created, modified, moved and/or deleted by samples in this family. File system activity can provide valuable insight into how malware functions on the operating system.
| File | Attributes |
|---|---|
| c:\users\user\appdata\local\temp\cetrainers\cet43b0.tmp\cet_trainer.cetrainer | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\cetrainers\ceta207.tmp\cet_trainer.cetrainer | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\cetrainers\ceta284.tmp\cet_trainer.cetrainer | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\cetrainers\ceta63d.tmp\cet_trainer.cetrainer | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\cetrainers\cetbc11.tmp\cet_trainer.cetrainer | Generic Write,Read Attributes |