f023428fd5b42414f1763c8b748f67549cb24e7df6e76f91b93d32ec1d449ef9 | Triage

Sharing

General

Target

chrome_updater.exe
Size

2.6MB
Sample

240225-l7h48shc77
MD5

08373560048f06bed6625a074f197701
SHA1

98b05d083c66d37dca4bd20affcc90dfc013ecbb
SHA256

f023428fd5b42414f1763c8b748f67549cb24e7df6e76f91b93d32ec1d449ef9
SHA512

a093802439281e0c35648969f3e57f6c0e226932a6184841036b354f5f590bf354391b508d6d2f903caf767da46c4a0817a6906f28499ac80b349974c7edee20
SSDEEP

49152:1TfNcC2P0OwoRmgdan5gHOycuWAaScJmkbbfe8U8pFtZL0EX:1TfN32P0OwosgdanOuyc4aScJmkbLe8r

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  chrome_updater.exe
- Size
  
  2.6MB
- MD5
  
  08373560048f06bed6625a074f197701
- SHA1
  
  98b05d083c66d37dca4bd20affcc90dfc013ecbb
- SHA256
  
  f023428fd5b42414f1763c8b748f67549cb24e7df6e76f91b93d32ec1d449ef9
- SHA512
  
  a093802439281e0c35648969f3e57f6c0e226932a6184841036b354f5f590bf354391b508d6d2f903caf767da46c4a0817a6906f28499ac80b349974c7edee20
- SSDEEP
  
  49152:1TfNcC2P0OwoRmgdan5gHOycuWAaScJmkbbfe8U8pFtZL0EX:1TfN32P0OwosgdanOuyc4aScJmkbLe8r
Score

8^/10

evasion persistence
- Creates new service(s)
  persistence
- Drops file in Drivers directory
- Stops running service(s)
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence