General

  • Target

    UrbanVPN2.exe

  • Size

    30.9MB

  • Sample

    230602-f4hreahh84

  • MD5

    ddc5a4819ff054fdec3b4a067a687a45

  • SHA1

    aeed09601a0791234350bac293acf9342046edd7

  • SHA256

    25d1ece063e1c25b14842f8f95b24c560bc252ef7f35e1a125c52bf4d7c4e92c

  • SHA512

    e77fbf59e324b96c06d7aaee19f320995ded5cb1ee053ced58d02ef59dc9d28882f140d3014fe50a3a4f45f2afd0dbf42c91584532e766426059f346432a6911

  • SSDEEP

    786432:PZgkTk8QY0E+kRn708g2w8URheOe0fXKWuZHOfQ:PyNY0E++g8L7Ipe+TuZ

Malware Config

Targets

    • Target

      UrbanVPN2.exe

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks