General
Target: GoogleDesktopSetup.exe
Size: 1.9MB
Sample: 231105-x25a3acf87
MD5: 91f67571db8e365e848f78ab4d6580ea
SHA1: a185b4a309497851603ff060a2de20b4d1560133
SHA256: 7e7a371a7f563dc181cbe70a684880cbf036a2540b322ab56916b3671ace7df3
SHA512: 9fe1e6ade453c7c80025ba3d0105c6124929fbe5cdebbba3564aa77270cff22ac0b1ce0e557d596c46271f7c5863fe72ba7b8dd705769a92acb94dbb91d327ac
SSDEEP: 49152:sfSMWuHHwY6XSls25HoWCbFNFuVXIvRvp3tfNAvWik+:5Mpnz6XG+bFKVXIzUvWD+
Static task: static1

Behavioral task: behavioral1
Sample: GoogleDesktopSetup.exe
Resource: win7-20231023-en

Behavioral task: behavioral2
Sample: GoogleDesktopSetup.exe
Resource: win10v2004-20231023-en
Malware Config
Targets
Target: GoogleDesktopSetup.exe
Size: 1.9MB
Score: 8/10

Modifies AppInit DLL entries

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (2)
  Registry Run Keys / Startup Folder (2)
Defense Evasion
  Modify Registry (5)
  Subvert Trust Controls (1)
  Install Root Certificate (1)