8e1dfd0fe2f4be63343c311ece0c39c357bb7341978375661707d1a3bec39046

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20231130-en
resource tags

arch:x64arch:x86image:win7-20231130-enlocale:en-usos:windows7-x64system
submitted
08-12-2023 17:51

Target

Update/1.3.36.152/GoogleUpdate.exe
Size

167KB
MD5

54a010c60be10b65eee5506720fccabb
SHA1

18cfa274db7d6567441db036eb2b25b720d58884
SHA256

9a4b728a0b652056cbd312dd917adc08c72c89b6f666472f4e3d59a1b8039d89
SHA512

afb51acc8b684db72d5ee9ad7c340d852322af0862a80976c6830330c9e094bc77e760a5806ba883b437c0d10139aa783c21cd87acd405c453df98422d6b99ae
SSDEEP

3072:TwzvOYNt5YP/aKavT/DvbEvK9aobNI2B+DlIH3angqtirxzGlB89Vo6FoCG55lOG:0tiP/aK2h9H/B+3ChE

Score

6^/10

evasion trojan

Checks whether UAC is enabled 1 TTPs 1 IoCs
evasion trojan

System Information Discovery
T1082

Processes:

GoogleUpdate.exe

description ioc process

Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA GoogleUpdate.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	GoogleUpdate.exe

C:\Users\Admin\AppData\Local\Temp\Update\1.3.36.152\GoogleUpdate.exe
"C:\Users\Admin\AppData\Local\Temp\Update\1.3.36.152\GoogleUpdate.exe"
1⤵
- Checks whether UAC is enabled
PID:2344

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact