Trojan.Exploit.YB
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 5,973 |
|---|---|
| Threat Level: | 80 % (High) |
| Infected Computers: | 707 |
| First Seen: | November 16, 2022 |
| Last Seen: | April 21, 2026 |
| OS(es) Affected: | Windows |
Analysis Report
General information
| Family Name: | Trojan.Exploit.YB |
|---|---|
| Signature status: | No Signature |
Known Samples
This section lists other file samples believed to be associated with this family.
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have exports table
- File doesn't have security information
- File is 64-bit executable
- File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Traits
- 2+ executable sections
- JMC
- No Version Info
- WriteProcessMemory
- x64
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.
| Total Blocks: | 109 |
|---|---|
| Potentially Malicious Blocks: | 0 |
| Whitelisted Blocks: | 108 |
| Unknown Blocks: | 1 |
Visual Map
? - Unknown Block
x - Potentially Malicious Block
Similar Families
This section lists other families that share similarities with this family, based on EnigmaSoft’s analysis. Many malware families are created from the same malware toolkits and use the same packing and encryption techniques but uniquely extend functionality. Similar families may also share source code, attributes, icons, subcomponents, compromised and/or invalid digital signatures, and network characteristics. Researchers leverage these similarities to rapidly and effectively triage file samples and extend malware detection rules.
- Agent.FYE
- Agent.FYM
- Agent.GOA
- Agent.KFG
- Agent.PGF
- Agent.XCO
- BadJoke.FS
- BadJoke.HJ
- BadJoke.KFA
- BadJoke.OF
- BadJoke.SB
- Bladabindi.CBB
- Brute.DDA
- Brute.DW
- Exploit.X
- HackKMS.BN
- Injector.GFDC
- Injector.GFI
- JuicyPotato.D
- KDE.A
- PSW.Agent.K
- ReverseShell.XE
- ReverseShell.XG
- Rozena.FSA
- Rozena.LG
- Runner.FTA
- ShellcodeRunner.FSA
- ShellcodeRunner.GH
- ShellcodeRunner.N
- ShellcodeRunner.NB
- ShellcodeRunner.TU
- ShellcodeRunner.VA
- ShellcodeRunner.XF
- ShellcodeRunner.XG
- Small.AG
- Small.AH
- Spoofer.L
- Trojan.Agent.Gen.FH
- Trojan.Agent.Gen.YL
- Trojan.ShellcodeRunner.Gen.AO
- Trojan.ShellcodeRunner.Gen.BN
- Trojan.ShellcodeRunner.Gen.CI
- Trojan.ShellcodeRunner.Gen.DY
- Trojan.ShellcodeRunner.Gen.EY
- Trojan.ShellcodeRunner.Gen.Y