ChromeSetup (2).exe

General

Target: ChromeSetup (2).exe
Size: 1MB
Sample: 201121-ajtbf3vjzj
Score: 10/10
MD5: ecc058f48cd239512937c92d3c0553ee
SHA1: f7c9614da5c98c5131ed2e8a798ccd0f279d5adc
SHA256: aca765bcd02d7720bcdfc6bca39951b9709dd57598b757f82928d81858fdd94e
SHA512: 4c9c99a4a84963f7e59dd0339178c44b36e7fb52df2b8a9aadf929b05ef1f8eb93cffa8d73382f7f57107201ea1da1cce69c297b4dfa964453ac4816e754bc5e

Signatures

  • Registers COM server for autorun
    TTPs: Registry Run Keys / Startup Folder
  • Executes dropped EXE
  • Modifies Installed Components in the registry
    TTPs: Registry Run Keys / Startup Folder; Modify Registry
  • Sets file execution options in registry
    TTPs: Registry Run Keys / Startup Folder; Modify Registry
  • Suspicious Office macro
    Description: Office document equipped with 4.0 macros.
  • Loads dropped DLL
  • Reads user/profile data of web browsers
    Description: Infostealers often target stored browser data, which can include saved credentials etc.
    TTPs: Data from Local System; Credentials in Files
  • Checks installed software on the system
    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.
    TTPs: Query Registry
  • Drops Chrome extension
  • JavaScript code in executable
  • Modifies service
    TTPs: Modify Registry; Modify Existing Service
  • Checks computer location settings
    Description: Looks up country code configured in the registry, likely geofence.
    TTPs: Query Registry; System Information Discovery

MITRE ATT&CK Matrix

Tactics: Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation

Tasks

static1