General
-
Target
yoitv.zip
-
Size
37.0MB
-
Sample
240306-stnwwsca9z
-
MD5
620cbb74379d12a400f3047816873aba
-
SHA1
fa590c18bc4668504790dd8259eea64d9b9810bb
-
SHA256
78f4accdfe82fceb7a536dc733d0775c8da7d8e0ced61f3f0175254ec3fbc8ef
-
SHA512
1c2570ceb9eb6f371498de43192b0bd1a9094e9a2aa65dcc20270f69b791ad508084fe6b46bf42b651a0e3f0b756c07d6b2dbe71aefbc31872a70ac7f56a0918
-
SSDEEP
786432:hIJoNHK1Gcejs7cRSR6HsEI2gtRvf1r1ry8Lx7/wIqYdWd8Kr21wI:h9WGcerSc42gfv9r1btqYdWd8r
Static task
static1
Behavioral task
behavioral1
Sample
YOITV1.0.0.2/YoiTV_1.0.0.2.apk
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
YOITV1.0.0.2/YoiTV_1.0.0.2.dmg
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
YoiTV/YoiTV.app/Contents/MacOS/YoiTV
Resource
win10v2004-20240226-en
Behavioral task
behavioral4
Sample
YOITV1.0.0.2/YoiTV_1.0.0.2.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
YOITV1.0.0.2/YoiTV_1.0.0.2.apk.apk
-
Size
6.7MB
-
MD5
612c8f4c909e21038977d088943c9eaf
-
SHA1
952a9bd78cf077bc3a2e1b8b13c62d1b6b02b578
-
SHA256
2fdce4a457d63edeb966a1e1836dce6d1846fdc4746f5e0e988f8fb3ddc5b655
-
SHA512
b357b5347ec89b93e4dfa1ff18eeb2850a44257eebbfe9d001cfa4ab9cd380d77dabdf734bc58362da8dec8f65fb9466bb2314ce009266b969dd24cef64b5fe9
-
SSDEEP
196608:IIAOsdqcMC8Qo/ADNyETuBlyPzSYglz7DelJR3facLp:Rsdq8o/6yE0MPeYglz3ezRva6p
Score
3/10
-
-
-
Target
YOITV1.0.0.2/YoiTV_1.0.0.2.dmg.dmg
-
Size
16.0MB
-
MD5
4e95ccf4ac3f90736cf5d66b62c11916
-
SHA1
1a19a7001a948d708d0f225cf9f404b98a45f434
-
SHA256
03d81e22ac376fbc188a8f227002c312d9dfa4021adb10a32d29f4c855181fe6
-
SHA512
0d0bd000c93a5428d00ab6c709f12c1b463ab841df123cfc2106116380b8f45f7ed41e2dbd991da386965d90d48fe5f95630c0623849a6fb6df55c1405d5ec39
-
SSDEEP
393216:Ap2o4qWTjvlHAOTcSWSBYXRmKpQOswAQvN4e9BrRBETC2by:22tqOHAbSWzEn5wAQFB9tIny
Score
3/10
-
-
-
Target
YoiTV/YoiTV.app/Contents/MacOS/YoiTV
-
Size
16.3MB
-
MD5
4f3814b8b0914469c7aa4e7989d945da
-
SHA1
4fa6ca9461c7e2a1537464f0a4b156046d3d7962
-
SHA256
9c5c9eab80791f223a59bdd9711cfa81d6670efb9b1709a3c9b39a3ac7818222
-
SHA512
5cc49a59cf472ea9297dec28676ab6e8b5d2ca2604c878e7a0c6657ae597092916f6b819c85f11783f908452fb416f78a230bceaafade29cf327e6a87b0127c4
-
SSDEEP
98304:4OvS1fxpjbgFTfV8LwKFAgXb/8Y0ke1ehqTUXa7j9I8JHejlSHLz01Sb/kvCEyE/:fpmVAUXafEfSbjEyEIjnxeHY4Ejz3yF
Score
1/10
-
-
-
Target
YOITV1.0.0.2/YoiTV_1.0.0.2.exe.exe
-
Size
15.0MB
-
MD5
d08dfa10f3350ef2b9baa3121bcf6097
-
SHA1
8c8ea94c1f95ae6c37829fcb092d6e3ccb9d81d4
-
SHA256
abd3bee9a5a3461c6beb58ab34f7068833c520620ff82702fde14fc5d5ffe770
-
SHA512
327037167cf08d03383cc42b884b79b6b14ca1f4968aa8bc99bbb17c1f174471a012a485da00fb1d31400d863b5e1e222ba1390d81eb98138cb8bdcc1e5bd6fb
-
SSDEEP
393216:wvdNPx+87LDJw2iD2nCAt9MKcoY3cL5bE+/morrJYX7I2HXMo:G+GLXPnCasokKxmErwXMo
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-