General

  • Target

    chrome.exe

  • Size

    10.0MB

  • Sample

    241104-yk84csvqfs

  • MD5

    9b479c2b059315914a74b0d9f01d325d

  • SHA1

    54e782cc4baaae6e965b1f01b6f05df8c89afc29

  • SHA256

    b3926ca67a732d766e5469de9d0a8a1e823b8627b88f0f1eb978f22fe7d68ba9

  • SHA512

    e624ba0fed2ca292925ea2470a1c0359bee6ac999ee934ac83379de516e799368a2cf99d854ddae60a8bb44559ef998aa3ae0b56b53eb4a6b19aaa3b6a5c1b04

  • SSDEEP

    196608:G9HYbwfI9jUCzi4H1qSiXLGVi7DMgpZ3Q0VMwICEc/jB:uIHziK1piXLGVE4Ue0VJ1

Malware Config

Targets

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks