Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

LoaderVIP.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    LoaderVIP.exe

  • Size

    16KB

  • Sample

    230104-gemjqshd2z

  • MD5

    497466ba1ebbb8fa534926f620d05825

  • SHA1

    a6a3ed16390df2848ae3467d4309483c309c1886

  • SHA256

    989a0d6488c53005814f0ce89e01814ef67df76de32c6ca7e26de27a38eca0b6

  • SHA512

    f2bb8a7b18e31266622bd2639a5713743b7b2d21bcb7d9e331964d1a3d892ba3f69747f889e6736d25b18ca4b4eab4651975571b450e810871b0c84ee7a06248

  • SSDEEP

    384:VL9SDQZxLTehau23G6c1YwfN09t6cDE33DhSHkON/GlfgOb5:pghaN39NwFJiE33VSEONulfgO

Score
8/10

Malware Config

Targets

    • Target

      LoaderVIP.exe

    • Size

      16KB

    • MD5

      497466ba1ebbb8fa534926f620d05825

    • SHA1

      a6a3ed16390df2848ae3467d4309483c309c1886

    • SHA256

      989a0d6488c53005814f0ce89e01814ef67df76de32c6ca7e26de27a38eca0b6

    • SHA512

      f2bb8a7b18e31266622bd2639a5713743b7b2d21bcb7d9e331964d1a3d892ba3f69747f889e6736d25b18ca4b4eab4651975571b450e810871b0c84ee7a06248

    • SSDEEP

      384:VL9SDQZxLTehau23G6c1YwfN09t6cDE33DhSHkON/GlfgOb5:pghaN39NwFJiE33VSEONulfgO

    Score
    8/10

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks