Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

bdcd08123d...18.exe

windows7-x64

7

bdcd08123d...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SYSDIR/gtapi.dll

windows7-x64

3

$SYSDIR/gtapi.dll

windows10-2004-x64

3

$TEMP/Goog...ed.msi

windows7-x64

6

$TEMP/Goog...ed.msi

windows10-2004-x64

6

UUPlayer.dll

windows7-x64

3

UUPlayer.dll

windows10-2004-x64

3

UUSeePlayer.exe

windows7-x64

10

UUSeePlayer.exe

windows10-2004-x64

10

bass-plugins.exe

windows7-x64

7

bass-plugins.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

CoCode.dll

windows7-x64

3

CoCode.dll

windows10-2004-x64

3

UFDeMux.dll

windows7-x64

3

UFDeMux.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/08/2024, 02:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UUSeePlayer.exe

  • Size

    1.1MB

  • MD5

    ec9624b5b7557ce9fccf7c34f2a5a3ae

  • SHA1

    bdf4369f25dfcc9a49f9fa84ade190a99d7ff910

  • SHA256

    501e5e748e4df5b13382e8f932a7a11fc311b91059863fbbcc94bc9e41d597d3

  • SHA512

    9c443b0d2452517ba1ce0679afb063fe26e2eaa0c42d9e2018f466c27fe7939172c266ed65a1968e9cd9fbb17c18c6616a6f1e34fa473b1684f44e0c58b59d6e

  • SSDEEP

    24576:2ShKos1i1C8d+qvJJ77IZA+ELJMs8KUV2:tUq+g0651

Score
10/10
discoveryevasion

Malware Config

Signatures

  • Modifies firewall policy service 3 TTPs 4 IoCs
    evasion
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 3 IoCs
    adwarespyware
  • Modifies registry class 31 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\UUSeePlayer.exe
    "C:\Users\Admin\AppData\Local\Temp\UUSeePlayer.exe"
    1⤵
    • Modifies firewall policy service
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4028

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\UUDEF_Error.html
    Filesize

    278B

    MD5

    53e0ef76c32466cd92cf9ccc738ee1e4

    SHA1

    9ca4e9335799031a2e4231221514af62a40b2e1b

    SHA256

    0b7937e6d9fa6bf055adf56b5b6a76ad140426970a33eae2fada4fc8af782e70

    SHA512

    6f330f91d15f1d74a0d0f2c5e791ef3f659c509174a6a36a5bf228c1be7640d35633583cb80104c7dd7faee4ee19d6f6437b8374a8b76084c117cdcdf848c644

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UUDEF_Message.html
    Filesize

    419B

    MD5

    aae06f9422c472669168866253a25f38

    SHA1

    a0cc595dddc5adfe3d9f67d002c89d88e5fd728f

    SHA256

    37a37694c498c28fd1c6f5634da22b7624f7511940677f59e600da6066dc66f4

    SHA512

    efab9564c49d6593f35ef51aa91387fdab29cbf85396bc0f94960db7d485bb9e771ea462537396d329b9d7c7152b7e02494acdfce9d1f3ffd6028a5e48b2ada0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\def\UUDEF_Banner_2.html
    Filesize

    553B

    MD5

    45a12ef44895add34325c46ef648ebac

    SHA1

    1cb414414c5de40ec3454a29a87da6d04b9052d9

    SHA256

    bcef7641260359a67921ae73a6e999eaba9dca2e23ed9c964c821a5848f0dbde

    SHA512

    d777b357d4d31d7440f0b918db84d949eb515f55a565aff21ca6d09f94e107c3145e8358ef9e282c2d75d7c6ab926079394073b30c8de8d9a6400f1fc589dde7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\def\UUDEF_Banner_3.html
    Filesize

    728B

    MD5

    1f88a4993e3810ecbf24d99aeeaf1d8e

    SHA1

    dedb7989ed714f72a293ffc59a7af48831d57fc7

    SHA256

    acd1e2205455fa12fd899db80b5e1e6176d2b0c1b4021edcab5f31c0aafc658c

    SHA512

    40a4f5a8c76db8489087dca6ce0bd4310016c9afaae07214fa14096b623331bc12ea67e0b550a4f160751eb79710ce89b8e0864c57be99cc15c1599ecb49ec15

    Download Submit

  • C:\Windows\struct~.ini
    Filesize

    204B

    MD5

    ed0b379229602df087441a94b41a16e1

    SHA1

    2facf512948ae2414ebf61e2d142fb2e671dce21

    SHA256

    7bde990763131a82c81fb111f735f08aef111c0f235553734f3656372f5626c2

    SHA512

    ecf323e59a669bbfff52d1b426a2bffcd19bcd1b84b6fa185c6d2a9166b66404f4119388ce56a7516241f1b87a3695ba929a6ef7baa784d72d0d4388efe52164

    Download Submit

  • C:\Windows\struct~.ini
    Filesize

    204B

    MD5

    96a0100340d1df27264f3f78f3d13abf

    SHA1

    5f1349e8432e40f3cb7c18903b46c849f726cb58

    SHA256

    38957c2db953f7eca369f041eba8a7caeb1aadf7e493d6ed0f921837de25b7cf

    SHA512

    3115e287170e195b138f8a91001ce3ae7fc6d234194829a400ba6ad26a1287c170551f96fefaece9a9c34ead89b9884a2f5db779c0cce44a3abefafca8a3f8cc

    Download Submit

  • memory/4028-0-0x00000000004AB000-0x00000000004AC000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4028-512-0x0000000000400000-0x0000000000564000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/4028-511-0x0000000000400000-0x0000000000564000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/4028-4-0x0000000000400000-0x0000000000564000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/4028-3-0x0000000000400000-0x0000000000564000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/4028-2-0x0000000000400000-0x0000000000564000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/4028-1-0x0000000000400000-0x0000000000564000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/4028-599-0x00000000004AB000-0x00000000004AC000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4028-600-0x0000000000400000-0x0000000000564000-memory.dmp

    Filesize

    1.4MB

    Download