General

  • Target: Chrome.exe
  • Size: 188KB
  • Sample: 231012-a8nkkagd77
  • MD5: 3d70c236967449f7600d535e8b49a9fe
  • SHA1: 6dec58711262d645cbe2a782bc88e1c13ef9cb2c
  • SHA256: 8f8fea50736623743c2a670586f7c14294479f53b58cde66132a3ac8b5d46502
  • SHA512: a5c38a77ecdd635a5d170bfb762f1d59c8c9b2f03b40fe67462839a8f3f3f416c098c0d88765785e22c889b01cf50e47980631b27518329b38a27671d77fda41
  • SSDEEP: 3072:S1hxFjBLb0ORnOkkc4NpVq8BxFRzaqF+o2GQJ7/JzqVfGvH:C7FdLbLRnXgVqwlL

Score: 7/10

Targets

    • Target: Chrome.exe

    • Checks computer location settings: looks up the country code configured in the registry, likely for geofencing.
    • Drops startup file
    • Executes dropped EXE
    • Adds Run key to start application
    • Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.
