General

  • Target

    ChromeSetup.exe

  • Size

    1.4MB

  • Sample

    230530-pffftahe36

  • MD5

    0c8713545da5b0d111f8c510ff0710c8

  • SHA1

    f1e17c5d143801ca4889f12ec33e9e34bf661569

  • SHA256

    c43239195576c825e3d8b3667ab6cd267fa9868f305fae5c491a0342cc12aebe

  • SHA512

    36a8093519a35afab3576b8cd3ccc46087cf0f717496b93c50d3fce3dec0b96f2a868413618888c3cab3f1b25233e17f6436eda1f10ace7663d9292cbed1227f

  • SSDEEP

    24576:Jw8KjKjGFygcc23L1/NVOmOSGb6E3ecS4fzrjxJh9UZXlpbPvC7xtYUrEmFlo+LT:PKjKWQc2b1FVgbjrjxPe1pbPSQm1FloS

Targets

    • Target

      ChromeSetup.exe

    • Size

      1.4MB

    • Downloads MZ/PE file

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Drops Chrome extension

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
