452faf66b12f218f3831a0a305fb7a6a06cf7cd77d6040dc4dc732b31885ef06

General

Target

google-chrome-130-0-6723-117.zip
Size

172.9MB
Sample

241113-j83h6aybnd
MD5

df35693e7af66200d646094f7db066f1
SHA1

af309636fa521b9f445b124f68d683cc6f614b37
SHA256

452faf66b12f218f3831a0a305fb7a6a06cf7cd77d6040dc4dc732b31885ef06
SHA512

80047ab808b599d1e72dde49b975fa7e8b27c84a3aaed76d680101c387327fb9f3242891eb0476264d05c460db24ed6f321b4213536e0da14da73bccde270f2e
SSDEEP

3145728:hHiQinoedlGzUENKzBw7IJYB1pIo49wZo1LezXeSkePd+:hHiQinoHzr0zBw7HIo4OW1LeaePd+

Score

6^/10

Malware Config

Targets

- Target
  
  Documentation/README.pdf
- Size
  
  176KB
- MD5
  
  a427b5c1690f1bab5137e1bb2110d00b
- SHA1
  
  dd936235b66d22d86ef591169c0e39db9448c954
- SHA256
  
  7e206eb7666330413b76240e1343848f00cdbbfb56cd1b30f943f8169ea63b34
- SHA512
  
  c13053f662b00145fab710687f9c779ef1549a63f25d35c3012d8d1f21b53f1ed79b1038aa7d3a879e13c659d6d851d1544d95c247e097c57046d79c6e809004
- SSDEEP
  
  3072:SOSOYZwC7Scubu3RhcgaqkCpEqLh8diO6ED/JTpxYIynqCo4wYZomwaxtGzOaeHf:SOSPZwciuhcgaGpEqLh8wO6EbJ1xwqCh
Score

4^/10

discovery
behavioral1
- Target
  
  Installers/EndpointVerification_2.0.3.msi
- Size
  
  1.1MB
- MD5
  
  03b66b1d1876277e38a471f3234a220a
- SHA1
  
  9b17405ce7fa680c6b33754d452f2b56c490ddf9
- SHA256
  
  6342063d367b494050943937c8d8e672296e7e44d25c74ce36b808e54a70bebf
- SHA512
  
  1c8698f4372e286b917b9fb9f7405d7e305f1b0be75e46636c7580cd493ee8ca736f1b24ae656516bd4cd0eab9812c8748ccecf6a39a957ce3ce66139d48f2f5
- SSDEEP
  
  24576:JaEn64cOQP424L8Ehnyi8zJjkQvHJ8KBaqLpHULlG:JaEvcdPfE8RFwQB8KBaimJ
Score

6^/10

persistence privilege_escalation
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral2
- Target
  
  Installers/GoogleChromeStandaloneEnterprise64.msi
- Size
  
  120.1MB
- MD5
  
  858f07346daf8a13c1ebbcb05abaa377
- SHA1
  
  7d58ff7f9c562cdba757cb1bf30e929729641d0b
- SHA256
  
  2e77e789f014bd8bcd66f9af87da0c621debbb2ce2c904dcd80eddd342b90532
- SHA512
  
  e5745045f30b551813f62c21efc55fa180f158f0ebbe9279c7f300da187b90f9831c8d89b3280312faaf128b56313f52e2cb38c7b924824298b89e7ea2fba62c
- SSDEEP
  
  3145728:fHiQinoedlGzUENKzBw7IJYB1pIo49wZo1LezXeSke:fHiQinoHzr0zBw7HIo4OW1Leae
Score

6^/10

discovery evasion persistence privilege_escalation trojan
- Blocklisted process makes network request
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral3
- Target
  
  Installers/LegacyBrowserSupport_8.1.0.0_en_x64.msi
- Size
  
  648KB
- MD5
  
  aac201214371a190669a7cb89a99f0bb
- SHA1
  
  8eb32be4d92a7f6853f4bacfdc3e1509a34be47b
- SHA256
  
  34c365a19709e93996bf54f31948418b48ca5eb129bf36b76dec4e5b234c9206
- SHA512
  
  7b54129458c9d849a30735f189e8eb9e39748f61515bd5c924d030b43f3658f8f00dbc709f7913d9cb20ca317a0e67232e7d9cb634f6eee106b5f6b7658a0255
- SSDEEP
  
  12288:w5UMAFQefDvtS8NiLr62AL/j2TkM4iA03QhHLgolfTbivLWCf:w2diMDV/NGJqL2x4iAhHLgSTbivCCf
Score

6^/10

adware persistence privilege_escalation stealer
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral4