ba77e50aca30982ce6913fdb23e650d93785bf5cbd31ae319c5ca91844aefcaa | Triage

Submit
Reports

Overview

overview

8

Static

static

ChromiumSetup.exe

windows7_x64

8

ChromiumSetup.exe

windows10-2004_x64

8

Sharing

General

Target

ChromiumSetup.exe
Size

53.4MB
Sample

220510-nkceaagfg4
MD5

23f274c4603006933988f05f62f53740
SHA1

99cc34ad56bef4157824043b6c4472580f5a2828
SHA256

ba77e50aca30982ce6913fdb23e650d93785bf5cbd31ae319c5ca91844aefcaa
SHA512

90747903b25723cc4d8a669f55bb84478331433b4cf1c23de7f83aa4d6fd0bdca363f785615b49574c8467d0141f053358f5023ca3224364426168a5abe2285e

Score

8^/10

bootkit discovery persistence spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

ChromiumSetup.exe

Resource

win7-20220414-en

bootkit discovery persistence spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ChromiumSetup.exe

Resource

win10v2004-20220414-en

bootkit discovery persistence spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ChromiumSetup.exe
- Size
  
  53.4MB
- MD5
  
  23f274c4603006933988f05f62f53740
- SHA1
  
  99cc34ad56bef4157824043b6c4472580f5a2828
- SHA256
  
  ba77e50aca30982ce6913fdb23e650d93785bf5cbd31ae319c5ca91844aefcaa
- SHA512
  
  90747903b25723cc4d8a669f55bb84478331433b4cf1c23de7f83aa4d6fd0bdca363f785615b49574c8467d0141f053358f5023ca3224364426168a5abe2285e
Score

8^/10

bootkit discovery persistence spyware stealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistencespywarestealer

behavioral2

bootkitdiscoverypersistencespywarestealer

© 2018-2024

Terms | Privacy