General

  • Target

    iTopVPN_esseo_win_setup.exe.bin

  • Size

    25.0MB

  • Sample

    230501-yhlv2shh4s

  • MD5

    c46206cc3db3ba6cf9e63b768cba3c0b

  • SHA1

    be6b02e5ab3a464c8ac2b4e1ecefff968cf6695f

  • SHA256

    f1708a369bd5c5b852044268d3fd064d2fed1d52543762c05f6918c8c87cf96a

  • SHA512

    cc40f4545eb5a8342f9bece9b1a1552e9ef3b3a014d128031a0841d862ebed92de7d8f3417357c02f086973cda985e694ba2ee96f98cce98930a0e1e675d0eca

  • SSDEEP

    393216:S4l3fPRhPautpsXQENOeRa6mFpg1uc54qFAGfp9RsT5lkZ4pygk8368dMlGz5rrS:hlPPRhP3qxOg1ucaAx9RsT1pyxkhS

Score
7/10

Malware Config

Targets

    • Target

      iTopVPN_esseo_win_setup.exe.bin

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
