General
-
Target
ChromeSetup.exe
-
Size
8.0MB
-
Sample
240701-jm1sfatark
-
MD5
780d9df36221ccd24716da39ee3e2708
-
SHA1
3a2e4f8bc401856f1870e9fd3a3977044db68729
-
SHA256
f765d1d4012f47223a47c5992da55066e81d76b0714eb347ca6a54c55f4e374c
-
SHA512
36b1df97a9b0a3ae9cae704f722537c877c6b8a091c513be66bd16645cdf9ab424912e6dac3ddfbbf9419a9d0acc17113dec88418b8134e641a87028e8e4d6c0
-
SSDEEP
196608:bWi1ZYP2rPma7ts+ndryl6xmrsUbX1YmbWxAnwvS:b7e2rua7tsedwrsUbX1YcWxAnw
Malware Config
Targets
-
-
Target
ChromeSetup.exe
-
Size
8.0MB
-
MD5
780d9df36221ccd24716da39ee3e2708
-
SHA1
3a2e4f8bc401856f1870e9fd3a3977044db68729
-
SHA256
f765d1d4012f47223a47c5992da55066e81d76b0714eb347ca6a54c55f4e374c
-
SHA512
36b1df97a9b0a3ae9cae704f722537c877c6b8a091c513be66bd16645cdf9ab424912e6dac3ddfbbf9419a9d0acc17113dec88418b8134e641a87028e8e4d6c0
-
SSDEEP
196608:bWi1ZYP2rPma7ts+ndryl6xmrsUbX1YmbWxAnwvS:b7e2rua7tsedwrsUbX1YcWxAnw
Score6/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Active Setup
1Event Triggered Execution
1Component Object Model Hijacking
1