General

  • Target

    yoitv.zip

  • Size

    37.0MB

  • Sample

    240306-stnwwsca9z

  • MD5

    620cbb74379d12a400f3047816873aba

  • SHA1

    fa590c18bc4668504790dd8259eea64d9b9810bb

  • SHA256

    78f4accdfe82fceb7a536dc733d0775c8da7d8e0ced61f3f0175254ec3fbc8ef

  • SHA512

    1c2570ceb9eb6f371498de43192b0bd1a9094e9a2aa65dcc20270f69b791ad508084fe6b46bf42b651a0e3f0b756c07d6b2dbe71aefbc31872a70ac7f56a0918

  • SSDEEP

    786432:hIJoNHK1Gcejs7cRSR6HsEI2gtRvf1r1ry8Lx7/wIqYdWd8Kr21wI:h9WGcerSc42gfv9r1btqYdWd8r

Score
7/10

Malware Config

Targets

    • Target

      YOITV1.0.0.2/YoiTV_1.0.0.2.apk.apk

    • Size

      6.7MB

    • MD5

      612c8f4c909e21038977d088943c9eaf

    • SHA1

      952a9bd78cf077bc3a2e1b8b13c62d1b6b02b578

    • SHA256

      2fdce4a457d63edeb966a1e1836dce6d1846fdc4746f5e0e988f8fb3ddc5b655

    • SHA512

      b357b5347ec89b93e4dfa1ff18eeb2850a44257eebbfe9d001cfa4ab9cd380d77dabdf734bc58362da8dec8f65fb9466bb2314ce009266b969dd24cef64b5fe9

    • SSDEEP

      196608:IIAOsdqcMC8Qo/ADNyETuBlyPzSYglz7DelJR3facLp:Rsdq8o/6yE0MPeYglz3ezRva6p

    Score
    3/10

    • Target

      YOITV1.0.0.2/YoiTV_1.0.0.2.dmg.dmg

    • Size

      16.0MB

    • MD5

      4e95ccf4ac3f90736cf5d66b62c11916

    • SHA1

      1a19a7001a948d708d0f225cf9f404b98a45f434

    • SHA256

      03d81e22ac376fbc188a8f227002c312d9dfa4021adb10a32d29f4c855181fe6

    • SHA512

      0d0bd000c93a5428d00ab6c709f12c1b463ab841df123cfc2106116380b8f45f7ed41e2dbd991da386965d90d48fe5f95630c0623849a6fb6df55c1405d5ec39

    • SSDEEP

      393216:Ap2o4qWTjvlHAOTcSWSBYXRmKpQOswAQvN4e9BrRBETC2by:22tqOHAbSWzEn5wAQFB9tIny

    Score
    3/10

    • Target

      YoiTV/YoiTV.app/Contents/MacOS/YoiTV

    • Size

      16.3MB

    • MD5

      4f3814b8b0914469c7aa4e7989d945da

    • SHA1

      4fa6ca9461c7e2a1537464f0a4b156046d3d7962

    • SHA256

      9c5c9eab80791f223a59bdd9711cfa81d6670efb9b1709a3c9b39a3ac7818222

    • SHA512

      5cc49a59cf472ea9297dec28676ab6e8b5d2ca2604c878e7a0c6657ae597092916f6b819c85f11783f908452fb416f78a230bceaafade29cf327e6a87b0127c4

    • SSDEEP

      98304:4OvS1fxpjbgFTfV8LwKFAgXb/8Y0ke1ehqTUXa7j9I8JHejlSHLz01Sb/kvCEyE/:fpmVAUXafEfSbjEyEIjnxeHY4Ejz3yF

    Score
    1/10

    • Target

      YOITV1.0.0.2/YoiTV_1.0.0.2.exe.exe

    • Size

      15.0MB

    • MD5

      d08dfa10f3350ef2b9baa3121bcf6097

    • SHA1

      8c8ea94c1f95ae6c37829fcb092d6e3ccb9d81d4

    • SHA256

      abd3bee9a5a3461c6beb58ab34f7068833c520620ff82702fde14fc5d5ffe770

    • SHA512

      327037167cf08d03383cc42b884b79b6b14ca1f4968aa8bc99bbb17c1f174471a012a485da00fb1d31400d863b5e1e222ba1390d81eb98138cb8bdcc1e5bd6fb

    • SSDEEP

      393216:wvdNPx+87LDJw2iD2nCAt9MKcoY3cL5bE+/morrJYX7I2HXMo:G+GLXPnCasokKxmErwXMo

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks