Analysis

  • max time kernel: 299s
  • max time network: 255s
  • platform: windows10-2004_x64
  • resource: win10v2004-20241007-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 03/11/2024, 05:33

General

  • Target: LICENSES.chromium.html
  • Size: 8.8MB
  • MD5: 2675b30d524b6c79b6cee41af86fc619
  • SHA1: 407716c1bb83c211bcb51efbbcb6bf2ef1664e5b
  • SHA256: 6a717038f81271f62318212f00b1a2173b9cb0cc435f984710ac8355eb409081
  • SHA512: 3214341da8bf3347a6874535bb0ff8d059ee604e779491780f2b29172f9963e23acbe3c534d888f7a3b99274f46d0628962e1e72a5d3fc6f18ca2b62343df485
  • SSDEEP: 24576:cpD6826x5kSWSsRinoHnmfm646a6N6z68SH4SApTJ:cHSek

Score: 3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs (Enumerate browser information.)

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4080
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe15bacc40,0x7ffe15bacc4c,0x7ffe15bacc58
      PID:3468
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1892,i,4667903186090957641,4905669873027320723,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1888 /prefetch:2
      PID:1196
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2116,i,4667903186090957641,4905669873027320723,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2180 /prefetch:3
      PID:3028
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2168,i,4667903186090957641,4905669873027320723,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2324 /prefetch:8
      PID:1308
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,4667903186090957641,4905669873027320723,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3128 /prefetch:1
      PID:1116
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3136,i,4667903186090957641,4905669873027320723,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3148 /prefetch:1
      PID:2624
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4824,i,4667903186090957641,4905669873027320723,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4692 /prefetch:8
      PID:4564
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1044,i,4667903186090957641,4905669873027320723,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=984 /prefetch:8
      • Suspicious behavior: EnumeratesProcesses
      PID:8
  • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
    PID:1844
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
    PID:4220

Network

MITRE ATT&CK Enterprise v15


Downloads
