Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
youdupdata.exe
-
Size
5.4MB
-
Sample
231121-e7c5nach6t
-
MD5
4309bcede75c0d955de1c59ab634d7e7
-
SHA1
73bb7a51945c60c2ae64e33b9728f43f2f2c83c4
-
SHA256
4edb1135db0ef587a2fc2fe749b60566cb3aaaac6fb81d04c7401c14b60225a5
-
SHA512
9d6a9be7dc544e80fa7e6cbb722e01b8a7e4b6e4c85f5a8dc89f6589f9d6dce9035afedf804c4deee6105bd562de925125a7fc2887af53e26a1d0ead85617e2b
-
SSDEEP
98304:1QGp99ObznpmJy2Ahua4MnQ7PRPH2u7gaQoZrIr56sF:1N90bTQs2bl/xXQkrIr5fF
Static task
static1
Behavioral task
behavioral1
Sample
youdupdata.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
youdupdata.exe
Resource
win10-20231020-en
Behavioral task
behavioral3
Sample
youdupdata.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
youdupdata.exe
-
Size
5.4MB
-
MD5
4309bcede75c0d955de1c59ab634d7e7
-
SHA1
73bb7a51945c60c2ae64e33b9728f43f2f2c83c4
-
SHA256
4edb1135db0ef587a2fc2fe749b60566cb3aaaac6fb81d04c7401c14b60225a5
-
SHA512
9d6a9be7dc544e80fa7e6cbb722e01b8a7e4b6e4c85f5a8dc89f6589f9d6dce9035afedf804c4deee6105bd562de925125a7fc2887af53e26a1d0ead85617e2b
-
SSDEEP
98304:1QGp99ObznpmJy2Ahua4MnQ7PRPH2u7gaQoZrIr56sF:1N90bTQs2bl/xXQkrIr5fF
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-