Overview

overview

8

Static

static

1

Lets-VPN.msi

windows7-x64

8

Resubmissions

08/10/2023, 19:25

231008-x4994afe31 8

08/10/2023, 18:40

231008-xbjaxahf27 8

Sharing

Copy URL Twitter E-mail

General

  • Target

    Lets-VPN.zip

  • Size

    17.7MB

  • Sample

    231008-x4994afe31

  • MD5

    c4ee49cef149c9a70ebe6292440a093a

  • SHA1

    690e6bc803694aac9feb32d223dbd0c074711bbc

  • SHA256

    43d21fa326d68173578ee098d71af395e0341fc02135909d4754446ed518478c

  • SHA512

    d5a30d1726d407e44cc646b861b171ec7d0ab4fcff154e4b51d2a6ef8995875f725fcfb8ba0df39e7ad79d4f861a96211b0e4100199672f7aaa36ea75c18130e

  • SSDEEP

    393216:3eDZlFtF7Eb4DE/b8I/Lx4GNXq2RfP1ktW3qr932k/aIBH93yHQV:3evFtF7Cz/wkzFJ3qr9JaSyHQV

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      Lets-VPN.msi

    • Size

      18.4MB

    • MD5

      757612270bc1cd69f90d6233105f416c

    • SHA1

      f270e1ab5828f92f1ea6ff489a3c9348192ed67d

    • SHA256

      02ba6e781f87f1d4271c72a8be9e0a8b46ab5f5f6b09cb14c0ec42fa85c6ce00

    • SHA512

      e2726c30531e9ac9edd14f7f4fc296ed5d72663f40ca0018fc867ee669f4158ddd922686deda84a42ce2a8f4a9855db1728fe3b4781af7c71772917a48ba4a33

    • SSDEEP

      393216:+qH8Hj5lr93pr0BRI+LpC/bYpnNNi4QEYJJwNFUMCS/8FvPR32Szqq3tzJUH:+qH8HNl/wBK5/UZfivTUHovPBNq8UH

    Score
    8/10
    persistenceupx

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks