General
Target: ChromeSetup (2).exe
Size: 1.3MB
Sample: 201121-ajtbf3vjzj
MD5: ecc058f48cd239512937c92d3c0553ee
SHA1: f7c9614da5c98c5131ed2e8a798ccd0f279d5adc
SHA256: aca765bcd02d7720bcdfc6bca39951b9709dd57598b757f82928d81858fdd94e
SHA512: 4c9c99a4a84963f7e59dd0339178c44b36e7fb52df2b8a9aadf929b05ef1f8eb93cffa8d73382f7f57107201ea1da1cce69c297b4dfa964453ac4816e754bc5e
Static task: static1
Behavioral task: behavioral1
Sample: ChromeSetup (2).exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: ChromeSetup (2).exe
Resource: win10v20201028
Malware Config
Targets
Score: 10/10
- Registers COM server for autorun
- Executes dropped EXE
- Modifies Installed Components in the registry
- Sets file execution options in registry
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops Chrome extension
- JavaScript code in executable
- Modifies service