Overview

overview

6

Static

static

1

VIPAccessSetup.exe

windows7-x64

6

VIPAccessSetup.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    VIPAccessSetup.exe

  • Size

    15.2MB

  • Sample

    231012-evxzasgc84

  • MD5

    4c9eefdf645daec351e2dcc24f23ce11

  • SHA1

    5b448eebcabc9208df32ef4ba7794a7c5e3e6b5e

  • SHA256

    74bf074b7cadce06a8633ec33a91a19ff31dcf2e48cad17b71fe44795f355b60

  • SHA512

    08fb706095ef2f29fbd1deff303608194a88c214f9f04b678dd4200c10cfee74f138827fc9f0e14a8208ac955409de80c2e58821d92ab4c57334a5808b4b63b1

  • SSDEEP

    393216:Qk9ENNSNeklpkbUvwhg1y3QSJg+NXcBNaWEaVZu:b9kSNnQbICOy3QSJLtrUO

Score
6/10

Malware Config

Targets

    • Target

      VIPAccessSetup.exe

    • Size

      15.2MB

    • MD5

      4c9eefdf645daec351e2dcc24f23ce11

    • SHA1

      5b448eebcabc9208df32ef4ba7794a7c5e3e6b5e

    • SHA256

      74bf074b7cadce06a8633ec33a91a19ff31dcf2e48cad17b71fe44795f355b60

    • SHA512

      08fb706095ef2f29fbd1deff303608194a88c214f9f04b678dd4200c10cfee74f138827fc9f0e14a8208ac955409de80c2e58821d92ab4c57334a5808b4b63b1

    • SSDEEP

      393216:Qk9ENNSNeklpkbUvwhg1y3QSJg+NXcBNaWEaVZu:b9kSNnQbICOy3QSJLtrUO

    Score
    6/10

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks