Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Ydnzbiyou.exe

windows7-x64

6

Ydnzbiyou.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cb53988f7d0d0767359cdcbbe0675d9f.bin

  • Size

    1.7MB

  • Sample

    240913-b7fn1axemk

  • MD5

    e1898d07ec5b69ba213b51e57e5b982d

  • SHA1

    59396dfca9aa0764af76a965429a1425b57b5f66

  • SHA256

    8f948e753c653f285d3bd2c7162ff425013700f14cdae0188928fd3617ccd546

  • SHA512

    f0dd3683d6edde32acf53d0f4219a0050d2c12e19db383cd0ba37e126f4a17e391891f5db78030afc5e42c6f48619b06c9c413bebe146408915b446f452e533b

  • SSDEEP

    49152:J+ngp7mHn3ZbhpKj+JybilkE4yg487l3BZdtg+u:Mn7Hn3ZFzclyGxBPtgh

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      Ydnzbiyou.exe

    • Size

      1.9MB

    • MD5

      094e6746e1752f9903aa0c1648477775

    • SHA1

      fb3089799dbcbad6f773cfdfc3155f8fe11c1cc1

    • SHA256

      b4ed047267c6bd91d08411d46e20536a5125318de158e0378b5125da04fa0b1d

    • SHA512

      40deac77c33afbd56bb064590320e658c4a51eab38e943b376518245464d3db6e6fc5c1be549cd79b76d4331ee07d038f5e29603f2a25c2e9bb7972cf364bbc1

    • SSDEEP

      49152:JRqmjynpJxHiO+gwK3fR3mXeXD5KYk6Hj+vWzgwR//T7:3q75zfR3muFE6Hj+OhR/77

    Score
    10/10
    discoverypersistence

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks