4edb1135db0ef587a2fc2fe749b60566cb3aaaac6fb81d04c7401c14b60225a5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

youdupdata.exe

windows7-x64

7

youdupdata.exe

windows10-1703-x64

8

youdupdata.exe

windows10-2004-x64

8

Sharing

General

Target

youdupdata.exe
Size

5.4MB
Sample

231121-e7c5nach6t
MD5

4309bcede75c0d955de1c59ab634d7e7
SHA1

73bb7a51945c60c2ae64e33b9728f43f2f2c83c4
SHA256

4edb1135db0ef587a2fc2fe749b60566cb3aaaac6fb81d04c7401c14b60225a5
SHA512

9d6a9be7dc544e80fa7e6cbb722e01b8a7e4b6e4c85f5a8dc89f6589f9d6dce9035afedf804c4deee6105bd562de925125a7fc2887af53e26a1d0ead85617e2b
SSDEEP

98304:1QGp99ObznpmJy2Ahua4MnQ7PRPH2u7gaQoZrIr56sF:1N90bTQs2bl/xXQkrIr5fF

Score

8^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

youdupdata.exe

Resource

win7-20231020-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

youdupdata.exe

Resource

win10-20231020-en

windows10-1703-x64

12 signatures

150 seconds

Behavioral task

behavioral3

Sample

youdupdata.exe

Resource

win10v2004-20231023-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  youdupdata.exe
- Size
  
  5.4MB
- MD5
  
  4309bcede75c0d955de1c59ab634d7e7
- SHA1
  
  73bb7a51945c60c2ae64e33b9728f43f2f2c83c4
- SHA256
  
  4edb1135db0ef587a2fc2fe749b60566cb3aaaac6fb81d04c7401c14b60225a5
- SHA512
  
  9d6a9be7dc544e80fa7e6cbb722e01b8a7e4b6e4c85f5a8dc89f6589f9d6dce9035afedf804c4deee6105bd562de925125a7fc2887af53e26a1d0ead85617e2b
- SSDEEP
  
  98304:1QGp99ObznpmJy2Ahua4MnQ7PRPH2u7gaQoZrIr56sF:1N90bTQs2bl/xXQkrIr5fF
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

© 2018-2025

Terms | Privacy