General

  • Target

    GoogleChrome.exe

  • Size

    1.3MB

  • Sample

    240322-sh2zdafc6t

  • MD5

    7781f5e47330791fefaf9b6057ca2725

  • SHA1

    b8402513094b90e94b6662df39c09d99ca6b6ab7

  • SHA256

    667969367b5870c729148ea106b496d7a0a0d0f5e290af3b64cbaa9cd6b22c24

  • SHA512

    e922d93e002c39a7322906915c1cb8e35c422a6d70cf42175fdec8e3299339302d9ada7845774d34f20185411bc6729a3c14dec103aaf75dca373cc6d8f18186

  • SSDEEP

    24576:uJvKAN7MDBVaEJT84t6ve/K03KzStZdnQYwHFeP8x7PQhdrQdE2ttv:KKe7OVje7ve/HxQYwlWa7S4tv

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15
