General
-
Target
BraveBrowserSetup-BRV002.exe
-
Size
1.2MB
-
Sample
241031-bx7dzawenh
-
MD5
2060ab5b1a94121d07a3e08a6191663b
-
SHA1
3c10bd7ba85e24d2ace4890563285f82cfa44f45
-
SHA256
5d6e732c1e10643a4af41366024bc5ae95f0d3e9d7ef05176aa92b92de56b1b3
-
SHA512
a96b73889d4c8b4507359033bb1540f75b3467d1f3415a43f00180188c7f782fa4579fcda49e7da988f7b8392d3afa76533b696b84c038fd67aeec87c85c4d6c
-
SSDEEP
24576:7mmr/0jMyLSy6MbbfPfB9vR+o/5vHjO2X0sJgT243be2Y9rmLISoXcn:Tr/jyLlfzR+o/5vHjO2PJgKwC1rWIpQ
Static task
static1
Behavioral task
behavioral1
Sample
BraveBrowserSetup-BRV002.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
BraveBrowserSetup-BRV002.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
BraveBrowserSetup-BRV002.exe
-
Size
1.2MB
-
MD5
2060ab5b1a94121d07a3e08a6191663b
-
SHA1
3c10bd7ba85e24d2ace4890563285f82cfa44f45
-
SHA256
5d6e732c1e10643a4af41366024bc5ae95f0d3e9d7ef05176aa92b92de56b1b3
-
SHA512
a96b73889d4c8b4507359033bb1540f75b3467d1f3415a43f00180188c7f782fa4579fcda49e7da988f7b8392d3afa76533b696b84c038fd67aeec87c85c4d6c
-
SSDEEP
24576:7mmr/0jMyLSy6MbbfPfB9vR+o/5vHjO2X0sJgT243be2Y9rmLISoXcn:Tr/jyLlfzR+o/5vHjO2PJgKwC1rWIpQ
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Downloads MZ/PE file
-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Active Setup
1Event Triggered Execution
2Component Object Model Hijacking
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
1Active Setup
1Event Triggered Execution
2Component Object Model Hijacking
1Image File Execution Options Injection
1Defense Evasion
Indicator Removal
1Clear Persistence
1Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1