General

  • Target

    UrbanVPN2.exe

  • Size

    30.1MB

  • Sample

    240115-awkcdaehg9

  • MD5

    165edd2a333cba2006d201cb63e70ffe

  • SHA1

    8b64df71c3c09980ddda746fda7b42e2b6ac04ea

  • SHA256

    6ed0935ff0c1e0bbe3768620b8f6ca536c7ec11dfbcfb34fdd91e5195ba7e500

  • SHA512

    738d8d1e11b8879c82b557f7b4750c87ecbcb6831e2af3afe243b2dfa10f298b4c061632c0ddc66464b852b118e72e3a587f090edc7f4439c191fd4c74aeee2a

  • SSDEEP

    786432:ut896oiQ/V4mujOmASXig7+L+z6tHTp5Z4Q5:D1iSWmujwSSSwHt

Malware Config

Targets

    • Target

      UrbanVPN2.exe

    • Drops file in Drivers directory

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks