Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

ibVPN-AIO-Setup.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ibVPN-AIO-Setup.exe

  • Size

    10.7MB

  • Sample

    230529-eq9gjahe78

  • MD5

    fafdb1773e105a9e7cb07aaac954ffed

  • SHA1

    4c7a05c314e7dc8cf36d6b156f43f867cdb10f7b

  • SHA256

    3b634f6fcf8d34329c87c84bcdd2797716f91c1280e84eac0b1a53709555a7ed

  • SHA512

    419e06187f669a20bea97519ebbe7e09a249ed9f80aceb2f5a042e0afb2275205ac633336e019b9aa0a159ad2c8f885dbb8b0ea7bebab0ba7709bbcef347707a

  • SSDEEP

    196608:idwM9sF+myQlARKMIoL6RYh0tf9L6gU8BoyP7T3YYSxjYxavaMB:Z9FCQGKboO5tFjUeL33BSFfvaQ

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      ibVPN-AIO-Setup.exe

    • Size

      10.7MB

    • MD5

      fafdb1773e105a9e7cb07aaac954ffed

    • SHA1

      4c7a05c314e7dc8cf36d6b156f43f867cdb10f7b

    • SHA256

      3b634f6fcf8d34329c87c84bcdd2797716f91c1280e84eac0b1a53709555a7ed

    • SHA512

      419e06187f669a20bea97519ebbe7e09a249ed9f80aceb2f5a042e0afb2275205ac633336e019b9aa0a159ad2c8f885dbb8b0ea7bebab0ba7709bbcef347707a

    • SSDEEP

      196608:idwM9sF+myQlARKMIoL6RYh0tf9L6gU8BoyP7T3YYSxjYxavaMB:Z9FCQGKboO5tFjUeL33BSFfvaQ

    Score
    8/10
    discoverypersistence

    • Drops file in Drivers directory

    • Sets DLL path for service in the registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks