Resubmissions

08/06/2023, 16:48

230608-vbj64agh89 7

08/06/2023, 16:26

230608-txggnahe5v 7

08/06/2023, 15:56

230608-tdqafsgf57 7

General

  • Target

    yuki_v.3.rar

  • Size

    8.0MB

  • Sample

    230608-vbj64agh89

  • MD5

    bc940e39e7f9022e5f13d9ccdeb07231

  • SHA1

    a29ed3b552cc017c4212f4ae777ad655ebe08e0a

  • SHA256

    e28913f146403d7b7dbb217e697dbc74ed3421d1c2797e191e08f876bf660d05

  • SHA512

    46dcd66a6b8be2bd1874d712db7d213a968f6031ab062757cc3d90ddb799fbd0c2160990b0f636387ae0b85d8e0a003ad0eb1b129fa7eb07a95441163448abd4

  • SSDEEP

    196608:uI6yY3rRGma+nZyHFM5IR+r4CKm/sxlsE8Q6:z6yY3rRGfgZyHFMGUt/s/mV

Malware Config

Targets

    • Target

      yuki_v.3.exe

    • Size

      8.2MB

    • MD5

      afa5db1116562cbb00f823e89b002ab6

    • SHA1

      8f74ba65d0eb2ea8f1c1b8d32739aa094261c1aa

    • SHA256

      4474fe631a42d5f9d1d3d2cb4196c370ffd8f1f5c724ce2cf974ae9ec0a02ab0

    • SHA512

      78f888b4fd99170a5457006762b60aacb85470173cf3143833ffd7419f1a569f9d5c337530a864816d11c20f3f116545647e1fc206d2bb807ebdfeda51521fbd

    • SSDEEP

      196608:EVxwZmL2Vmd6+D3c/f/+SrEU/e9lLh5E1wtJ79dnNnCZ:YPL2Vmd6m3c/eE7G99qITTC

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2
