General
Target: Lets-Vpn.exe.v
Size: 46.6MB
Sample: 240907-se9vta1gnc
MD5: 9b28a19b1ae3cca3c0d7448f80e0a5a0
SHA1: 40ce2dcce3deefae33cca613476591a44ca9fcd4
SHA256: 66db50cb39faba5f27e42e768e7a62be67be39c99609ee9a4a58a547121b5f4a
SHA512: c8c7d9d03bad6aaaf6f33bd4847d11cdf7619e93c465e4763705fa7718bc0631ad05e1e2d717381b84e6083ff231d6e6520372f095fe0ad63f09bd9f0ff806c0
SSDEEP: 786432:SnFV0vyT4T2bEOwl2jorH5HhMfaVR1xeTSvbbygQrz9i7T0h2i55j1ioAxGbOVJw:zvyRb9wldL5H6fiOIKgQdoT0h2i/jDAK
Static task: static1
Behavioral task: behavioral1
Sample: Lets-Vpn.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: Lets-Vpn.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: Lets-Vpn.exe.v
Score: 10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.