Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

YoudaoDict...on.msi

windows7-x64

6

YoudaoDict...on.msi

windows10-2004-x64

6

Resubmissions

13/10/2024, 12:02

241013-n7wrfazfnm 6

13/10/2024, 11:47

241013-nxwzfszbrq 6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    YoudaoDict_fanyiweb_navigation.zip

  • Size

    184.4MB

  • Sample

    241013-nxwzfszbrq

  • MD5

    a124ada531f6b0cad513824c169019d1

  • SHA1

    f150cf477a88019f3c83aa30bafcceef78fa81a1

  • SHA256

    f9e8de832dbf43733ea5f447aeb7ef232862e4a485ca86c5ce72307395b99ee0

  • SHA512

    e94cc451dfff11728eecbb78df8b4498939feffe6e95a9bffb5c2e4e88cc73f6bf00076bcc3acc4cbd62a7462136af38af4191cf56b2d8f8413e1721c7f5a193

  • SSDEEP

    3145728:QOc0UVT77pJ5zhlxF+3k9i+7yJp9UwNR9XB5zCj6V+iKiV9CgPZDMyvUcsqW+dYi:QDRnJ5zhlxF+37jJp9UwhyjiK09NBOXq

Score
6/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      YoudaoDict_fanyiweb_navigation.msi

    • Size

      187.0MB

    • MD5

      70aeba0286a77763521f8c06a1cebf60

    • SHA1

      24af28f2b995668258e108dd44bc4c9111192c13

    • SHA256

      04c09c1d4c7674a6a70fcc6aa742aa300bd78f724d6de610d3809b444326b12f

    • SHA512

      4f2b9d38e8abdcb4bcc75b6445519a8ebec0c6770b4f5c0c2c0e8890c88bce47bfcfa0fc22b523304b155782151d32e7501cbd2d36af7cd9f5492360e8bbaee0

    • SSDEEP

      3145728:rObtNwBblcqir6N2pdI5OExQPPc0Bi8NKIM5ZTs5+IVzqYqBMeutEsSQHXLY+gQe:Shdueq5dxQncq2RBs5XzqABtEqTjtxO

    Score
    6/10
    discoverypersistenceprivilege_escalation

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks