General
-
Target
ChromeSetup.exe
-
Size
8.5MB
-
Sample
240811-x9n9taycrf
-
MD5
fe830115f995251e0826ee91b7914f26
-
SHA1
6e2fe48ac8e1174ce0eb54236745441112ddd795
-
SHA256
dd9da3da7f01b071c98eaaa20c238379e97475c406489fd254ec1ce0d8daba36
-
SHA512
c8554e55d7f530cb757935ecddaa2c2f84d76d2520c771a3d495fba92669b972e367c6d3c7a72b1c0630c53896f75b828cff8625112a8f93ed0c5401d9dd2549
-
SSDEEP
196608:6xfKlmR5/9Bz6nKuvueLWj9HC/Zfy5hPza21BNmxIVFuvgW8B:6bR57WnKYueL88ZK5Za21BNmxQFuvg
Malware Config
Targets
-
-
Target
ChromeSetup.exe
-
Size
8.5MB
-
MD5
fe830115f995251e0826ee91b7914f26
-
SHA1
6e2fe48ac8e1174ce0eb54236745441112ddd795
-
SHA256
dd9da3da7f01b071c98eaaa20c238379e97475c406489fd254ec1ce0d8daba36
-
SHA512
c8554e55d7f530cb757935ecddaa2c2f84d76d2520c771a3d495fba92669b972e367c6d3c7a72b1c0630c53896f75b828cff8625112a8f93ed0c5401d9dd2549
-
SSDEEP
196608:6xfKlmR5/9Bz6nKuvueLWj9HC/Zfy5hPza21BNmxIVFuvgW8B:6bR57WnKYueL88ZK5Za21BNmxQFuvg
Score6/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks whether UAC is enabled
-
Detected potential entity reuse from brand steam.
-
Drops file in System32 directory
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Active Setup
1Event Triggered Execution
1Component Object Model Hijacking
1Privilege Escalation
Boot or Logon Autostart Execution
1Active Setup
1Event Triggered Execution
1Component Object Model Hijacking
1