Overview

overview

7

Static

static

7

VPN-517vpn...pn.dll

windows7-x64

3

VPN-517vpn...pn.dll

windows10-2004-x64

1

VPN-517vpn...��.exe

windows7-x64

7

VPN-517vpn...��.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/03/2024, 00:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VPN-517vpn免费版/VPN-517vpn免费版.exe

  • Size

    1014KB

  • MD5

    d1b5de70dab5866a18ca68ad8b0dc182

  • SHA1

    6d5a898096f599f6c5effde98a62c5026da6b6a6

  • SHA256

    c7a7614ab00b55fbb2be6574d58f3ef2c360965fbf803d502adb6eb42908e6d8

  • SHA512

    b9192e75750a310553604cfcb8af2cf78ebf9801ea1d657717f1020e51c2574d75e8e8896230563ee19e4b63b383fa72689dc4e230ac095d28bcd76e098e8dac

  • SSDEEP

    24576:rzavXGCeiu9M5uXTIwPe1QNHS6uKYxuyCl89EmL5WgdejprMcB+:yQgukwPmQcKYclGEasgdMprM4+

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VPN-517vpn免费版\VPN-517vpn免费版.exe
    "C:\Users\Admin\AppData\Local\Temp\VPN-517vpn免费版\VPN-517vpn免费版.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1796

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\VPN-517vpn免费版\517VPN.ini
    Filesize

    206B

    MD5

    dbd33cc8aa08a82053914d230bd94d3f

    SHA1

    5d94a484cce3d6972386136ffcd93710c76d3836

    SHA256

    041ecb7debc296d70fe929988c41e313d5ac3973853ca8b6e41a2c45d6cf62bf

    SHA512

    7625e947f2fbb1aece04fc5dd80448906abafa98d49d92e52c2b692e2d399f0667e54ea623f22533091210db9fa1ca6ba008d915d93c513b8918d8b08c9eadcc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_img.img
    Filesize

    13KB

    MD5

    2af1c92f061314fbe9457d080a554d98

    SHA1

    12574884a2aa1fd26d3e61ffd71e16ad07e62431

    SHA256

    362545a4d5e023c3218dc7c25d9f78754973fd8e642df49fdf1c43b8e673b9c0

    SHA512

    3bc3eae1c619b0e5aa6abec2b3b944eb994706f51ae7d08b6bbe3fcf13cf6f29f7bc2ce3fe0ee8b19d9161a57150a3c811a1c2ed17cc53c620043d2428294d7d

    Download Submit

  • memory/1796-0-0x0000000000400000-0x0000000000622000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1796-87-0x0000000000400000-0x0000000000622000-memory.dmp

    Filesize

    2.1MB

    Download