home

yac.exe

Func Component

Product:
Func Component

Version:
1.0.0.2

MD5:
8a8300560801f5d8659044e1bf584ad1

SHA-1:
5c2e96a84bc5964aebc2cca8d01d366d1d6d5730

SHA-256:
f6638498ae08b74ec5891f7b5c308ffa23d44e726b0b9fe076cfd41c85dc8587

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/27/2024 12:14:03 AM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Hacktool.Win32.AdLoad
4.0.3.141227

Kaspersky
not-a-virus:Downloader.Win32.AdLoad
14.0.0.2731

McAfee
Artemis!8A8300560801
5600.6903

Panda Antivirus
Generic Suspicious
14.12.27.04

Trend Micro House Call
Suspicious_GEN.F47V1225
7.2.361

File size:
391.5 KB (400,896 bytes)

Product version:
1.0.0.2

Copyright:
Copyright (C) 2014

Original file name:
func.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\elex-tech\yac\update\0\yac.exe

File PE Metadata
Compilation timestamp:
12/23/2014 8:22:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:Jqj7z170SxrSaMLO0yHaS/hP1O1hh1e6XuB:EnB7PJMS5JP1OV1e6XuB

Entry address:
0x1B4C2

Entry point:
E8, A1, 64, 00, 00, E9, 7F, FE, FF, FF, FF, 35, 78, 26, 45, 00, FF, 15, DC, 31, 43, 00, C3, 55, 8B, EC, 8B, 45, 08, A3, 70, 26, 45, 00, A3, 74, 26, 45, 00, A3, 78, 26, 45, 00, A3, 7C, 26, 45, 00, 5D, C3, 6A, 24, 68, 38, CB, 44, 00, E8, 3F, 21, 00, 00, 33, DB, 89, 5D, E0, 33, FF, 89, 7D, D8, 8B, 75, 08, 83, FE, 0B, 7F, 50, 74, 15, 8B, C6, 6A, 02, 59, 2B, C1, 74, 22, 2B, C1, 74, 08, 2B, C1, 74, 5E, 2B, C1, 75, 48, E8, E1, 32, 00, 00, 8B, F8, 89, 7D, D8, 85, FF, 75, 16, 83, C8, FF, E9, 64, 01, 00, 00, C7, 45...
 
[+]

Entropy:
5.6373

Code size:
197 KB (201,728 bytes)

The file yac.exe has been seen being distributed by the following URL.

http://dl.yac.mx/update/isafe/5.6.123/.../yacdl4_2014_12_24_1.exe

Scan yac.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.