fcdb330d3323935ce117f9a457282b7d7aa6a13e7bdbfaca5b82d310f0f6ee59 | Triage

Sharing

General

Target

ChrоmеSеtuр.exe
Size

18.5MB
Sample

231103-mchewsgb4x
MD5

aab9abec81f255e7f73d3ac2b393b82f
SHA1

66294e12d96a95dfecd59dd07bf1a7d77827a17d
SHA256

fcdb330d3323935ce117f9a457282b7d7aa6a13e7bdbfaca5b82d310f0f6ee59
SHA512

cd413c7f935f8cefc1aa6bfb712af06315304fc56946f97d400f2b00ec368f3c34f5637c59f33c3bdb3ce161b02953f5df07b7c4e3db4f5b70563742c5b71261
SSDEEP

393216:FeeErqRTbb2awJ9ry9izxOLzdZZn2rSDnBlnNn+Wv+yegR0XS1TxJsqN/IMzTzJH:FeeErqRTbb2awJ9ry9izxOLzdZZn2rSn

Score

7^/10

spyware

Malware Config

Targets

- Target
  
  ChrоmеSеtuр.exe
- Size
  
  18.5MB
- MD5
  
  aab9abec81f255e7f73d3ac2b393b82f
- SHA1
  
  66294e12d96a95dfecd59dd07bf1a7d77827a17d
- SHA256
  
  fcdb330d3323935ce117f9a457282b7d7aa6a13e7bdbfaca5b82d310f0f6ee59
- SHA512
  
  cd413c7f935f8cefc1aa6bfb712af06315304fc56946f97d400f2b00ec368f3c34f5637c59f33c3bdb3ce161b02953f5df07b7c4e3db4f5b70563742c5b71261
- SSDEEP
  
  393216:FeeErqRTbb2awJ9ry9izxOLzdZZn2rSDnBlnNn+Wv+yegR0XS1TxJsqN/IMzTzJH:FeeErqRTbb2awJ9ry9izxOLzdZZn2rSn
Score

7^/10

spyware
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2