Resubmissions

23/02/2024, 14:20

240223-rnewcsbh5v 7

23/02/2024, 12:03

240223-n73vrafe3x 7

General

  • Target

    ChromeSetup.exe

  • Size

    1.3MB

  • Sample

    240223-rnewcsbh5v

  • MD5

    a42416de8ac170e42e53e1fe9b7877be

  • SHA1

    b8160b84158c2b6f82631d18584492c360f6a40e

  • SHA256

    9dc4d04cb3a2b0f2465cac72e61316b5be54275ece8deb801342f28a107f979c

  • SHA512

    de903c3e37780179068f77de06ff4c54df3110b59039d7b8ef95d5787a9e22116235592e08c1461d36c9f82465d1d93ff4c06464708911d9a42b0804efa2ef40

  • SSDEEP

    24576:PJvKzcVkyEq9DRho1jFP8ltPP01Ws7+wFPEl9ix4fpUzoQDt+egElxdqFWVCGC:FKzcCyEq9DRho/ctH01Ws74rA4RUBDHo

Malware Config

Targets

    • Target

      ChromeSetup.exe

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks