General
Target: yuki_v.3.rar
Size: 8.0MB
Sample: 230608-tdqafsgf57
MD5: bc940e39e7f9022e5f13d9ccdeb07231
SHA1: a29ed3b552cc017c4212f4ae777ad655ebe08e0a
SHA256: e28913f146403d7b7dbb217e697dbc74ed3421d1c2797e191e08f876bf660d05
SHA512: 46dcd66a6b8be2bd1874d712db7d213a968f6031ab062757cc3d90ddb799fbd0c2160990b0f636387ae0b85d8e0a003ad0eb1b129fa7eb07a95441163448abd4
SSDEEP: 196608:uI6yY3rRGma+nZyHFM5IR+r4CKm/sxlsE8Q6:z6yY3rRGfgZyHFMGUt/s/mV
Behavioral task: behavioral1
Sample: yuki_v.3.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: yuki_v.3.exe
Size: 8.2MB
MD5: afa5db1116562cbb00f823e89b002ab6
SHA1: 8f74ba65d0eb2ea8f1c1b8d32739aa094261c1aa
SHA256: 4474fe631a42d5f9d1d3d2cb4196c370ffd8f1f5c724ce2cf974ae9ec0a02ab0
SHA512: 78f888b4fd99170a5457006762b60aacb85470173cf3143833ffd7419f1a569f9d5c337530a864816d11c20f3f116545647e1fc206d2bb807ebdfeda51521fbd
SSDEEP: 196608:EVxwZmL2Vmd6+D3c/f/+SrEU/e9lLh5E1wtJ79dnNnCZ:YPL2Vmd6m3c/eE7G99qITTC
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Legitimate hosting services abused for malware hosting/C2