General
-
Target
MicrosoftEdgeSetup.exe
-
Size
1.5MB
-
Sample
240322-vhpedsgb9v
-
MD5
b59386ec118b8b95d02f1e1b5a507e7f
-
SHA1
1577e63c1c66a457162a3987e4f18dc37bd24122
-
SHA256
39e4555e23cba84c99419fa6dde808448bab40f058912a81d5da3205874c1646
-
SHA512
a710c68bd5300170ea1dab4b208451a80813649e69853de67336c2bbf3ab942b3ea7891e0f06791b545801246b4b8dc9589668b2f587cbf44b9d53a893dcb944
-
SSDEEP
49152:/y+3Q/13Fc2eu2RVHSXoHGAPl76ojGqCVp:/yN3FVeRVHooHVP+Vp
Static task
static1
Behavioral task
behavioral1
Sample
MicrosoftEdgeSetup.exe
Resource
win7-20240221-en
Malware Config
Targets
-
Target
MicrosoftEdgeSetup.exe
-
Adds Run key to start application
-
Downloads MZ/PE file
-
Modifies Installed Components in the registry
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (4)
Registry Run Keys / Startup Folder (4)
Browser Extensions (1)
Privilege Escalation
Boot or Logon Autostart Execution (4)
Registry Run Keys / Startup Folder (4)