c43239195576c825e3d8b3667ab6cd267fa9868f305fae5c491a0342cc12aebe | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

ChromeSetup.exe

windows7-x64

8

ChromeSetup.exe

windows10-2004-x64

8

Sharing

General

Target

ChromeSetup.exe
Size

1.4MB
Sample

230530-pffftahe36
MD5

0c8713545da5b0d111f8c510ff0710c8
SHA1

f1e17c5d143801ca4889f12ec33e9e34bf661569
SHA256

c43239195576c825e3d8b3667ab6cd267fa9868f305fae5c491a0342cc12aebe
SHA512

36a8093519a35afab3576b8cd3ccc46087cf0f717496b93c50d3fce3dec0b96f2a868413618888c3cab3f1b25233e17f6436eda1f10ace7663d9292cbed1227f
SSDEEP

24576:Jw8KjKjGFygcc23L1/NVOmOSGb6E3ecS4fzrjxJh9UZXlpbPvC7xtYUrEmFlo+LT:PKjKWQc2b1FVgbjrjxPe1pbPSQm1FloS

Score

8^/10

discovery persistence spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

ChromeSetup.exe

Resource

win7-20230220-en

discovery persistence

windows7-x64

13 signatures

300 seconds

Behavioral task

behavioral2

Sample

ChromeSetup.exe

Resource

win10v2004-20230220-en

discovery persistence spyware stealer

windows10-2004-x64

22 signatures

300 seconds

Malware Config

Targets

- Target
  
  ChromeSetup.exe
- Size
  
  1.4MB
- MD5
  
  0c8713545da5b0d111f8c510ff0710c8
- SHA1
  
  f1e17c5d143801ca4889f12ec33e9e34bf661569
- SHA256
  
  c43239195576c825e3d8b3667ab6cd267fa9868f305fae5c491a0342cc12aebe
- SHA512
  
  36a8093519a35afab3576b8cd3ccc46087cf0f717496b93c50d3fce3dec0b96f2a868413618888c3cab3f1b25233e17f6436eda1f10ace7663d9292cbed1227f
- SSDEEP
  
  24576:Jw8KjKjGFygcc23L1/NVOmOSGb6E3ecS4fzrjxJh9UZXlpbPvC7xtYUrEmFlo+LT:PKjKWQc2b1FVgbjrjxPe1pbPSQm1FloS
Score

8^/10

discovery persistence spyware stealer
- Downloads MZ/PE file
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops Chrome extension
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistencespywarestealer

© 2018-2025

Terms | Privacy