Overview
Static
Behavioral tasks: 8 samples, all run on windows10-ltsc 2021-x64 (full sample paths are listed per task below).
General
- Target: cc00f4cf49623023e6a13a500fda644a1d39703677b2abe0b73b4ccdf7e87c93
- Size: 27.3MB
- Sample: 250102-w3l1fatnfr
- MD5: 4e31950a5b39094f0695e1b57f2108c4
- SHA1: 89cc4bce65c9a4bc382e63b1c588257fc66354ec
- SHA256: cc00f4cf49623023e6a13a500fda644a1d39703677b2abe0b73b4ccdf7e87c93
- SHA512: 93997b99ad75d93917f2771e8bf4d9ad40190f8338dae6a6293751be661eb14e1f5138fd3e19ce5e80f6077b99340419d8071020fed83aa0f5e6e8484dd239cf
- SSDEEP: 393216:KhZLJKBWYeI6lKForhIEny8TKmsWLoTfzVSnNbsP6GixM4bqbGA1syv2L1k:K/IsBKxEn/KPGIfz8j5xM4OhXehk
Behavioral tasks
- behavioral1: Chloride Tweaks Ultimate 2.0.0/2 Tools/5 OOSU10.exe (resource: win10ltsc2021-20241211-en)
- behavioral2: Chloride Tweaks Ultimate 2.0.0/2 Tools/6 WPD.exe (resource: win10ltsc2021-20241211-en)
- behavioral3: Chloride Tweaks Ultimate 2.0.0/3 Tweaks/3 GPU/Nvidia/1 Driver/!NVCleanstall.exe (resource: win10ltsc2021-20241211-en)
- behavioral4: Chloride Tweaks Ultimate 2.0.0/3 Tweaks/3 GPU/Nvidia/2 Nvidia Settings/!NvidiaProfileInspector.exe (resource: win10ltsc2021-20241211-en)
- behavioral5: Chloride Tweaks Ultimate 2.0.0/3 Tweaks/6 Proccess Lasso/processlassosetup64.exe (resource: win10ltsc2021-20241023-en)
- behavioral6: Chloride Tweaks Ultimate 2.0.0/5 Other/Installers/BraveBrowserSetup-BRV010.exe (resource: win10ltsc2021-20241211-en)
- behavioral7: Chloride Tweaks Ultimate 2.0.0/5 Other/Installers/Firefox Installer.exe (resource: win10ltsc2021-20241211-en)
- behavioral8: Chloride Tweaks Ultimate 2.0.0/5 Other/Installers/winrar-x64-701.exe (resource: win10ltsc2021-20241211-en)
Malware Config
Targets

Target: Chloride Tweaks Ultimate 2.0.0/2 Tools/5 OOSU10.exe
- Size: 1.8MB
- MD5: 3fe356ff0e52f84abddf53238eec0fe6
- SHA1: 874864626861a178f02116228e176f2a41620583
- SHA256: 7335914d30d8ede5431c4ba32f56a79a397a6f38bfd44e90f62324f63afeda65
- SHA512: 7dd811acc085c9dce88a3465b91c00057c4fc9f750c37fb37fb88f9a17fdbb2e3984b03938c7e7c6ab6fa8e9e39746aa5a542c23274b6724d056ea5c55d742be
- SSDEEP: 49152:sEublE2XwGw4JEJTJxJxOrOrY98Hanit8LsfeB/eR1xO:i9uWkKeR1w
- Score: 1/10

Target: Chloride Tweaks Ultimate 2.0.0/2 Tools/6 WPD.exe
- Size: 576KB
- MD5: 65325f636ac238568a21f389387f0299
- SHA1: acf8022648f3eab3b6da50e0f90301eefe64a3f7
- SHA256: c21e9de5b28de8edfb6b2264b33846e842f7954ad70fa07b3c652feb5f0a09d7
- SHA512: 9580e5f040f7adb0cfd5dc8749ddc501c97c849fd7bde4b2d66af6beb5d4a2505546b053723d53009ece3014ee87723bbc23729e43c6aec0698ff514c2ac33a2
- SSDEEP: 6144:TRQucww8JJQLbRYX3XJ7Sjt52vljOwsxVDC5Mq7Zj2R7beOW2wmIyWk5QoBN6Z61:1cwoQkl2JI
- Score: 5/10
- Signatures:
  - Drops file in System32 directory

Target: Chloride Tweaks Ultimate 2.0.0/3 Tweaks/3 GPU/Nvidia/1 Driver/!NVCleanstall.exe
- Size: 3.5MB
- MD5: 74e418b7676bba62d73711418f9cef71
- SHA1: 02a133a91deec707ca6f8f9e88e0b88d452a4faa
- SHA256: 6d014bb417dc60c89eca14099719241895b003f1010f1b2babd2a1ff731e2c34
- SHA512: 4aada34f52570e7d06e66178c18ad38fbd7f2b7556c656ea71be2a59e51537cc5df11b66d1b7907a59b5bf73e21ba3d1d1ce4d9b490e3bb4c5043f324a9b8d9d
- SSDEEP: 98304:Oy35qCp0qlIdjjGL6P/iikTP35FgcyID23Z53UCMFU+:f3YCi4IdjyOPK5Dpw3+
- Score: 1/10

Target: Chloride Tweaks Ultimate 2.0.0/3 Tweaks/3 GPU/Nvidia/2 Nvidia Settings/!NvidiaProfileInspector.exe
- Size: 578KB
- MD5: 9a11825bb9ffaa5317b8f038dae2c078
- SHA1: 4300e9816bf3b1faad81bd066642862f8d4e6b1f
- SHA256: dc784bd1acd222567fc1cef4a2e29d0ad10ba880c9ad5202687aadfc5bf5d9ef
- SHA512: 148fc479395fa14ecdf8d6dca8a4cf3493c51eb92690ca7529246a28643696d804ee6efdad5d60a39481f123418175cda9099718d6123d58950e463e255e6ab4
- SSDEEP: 6144:ZrS7YmOOjsy7d1x3Lyywhi1dTs0+TVSiuKS:Ze7nhVLyyr1dT/ISiI
- Score: 1/10

Target: Chloride Tweaks Ultimate 2.0.0/3 Tweaks/6 Proccess Lasso/processlassosetup64.exe
- Size: 2.3MB
- MD5: d29fef939e8952ea60da440c4881a236
- SHA1: 3de01562c7f57e2216dc3315d04688861210b15c
- SHA256: 7247a6e2873021dc5b8bf50862e8b0e703b1fac27f2bf78d81e1753d7057d2d8
- SHA512: e9e6da092a277d63a125031308e959d1d6760a7aa3b010fc1da23db1d230854821a27d158b2ef305d3a22b04aa18bae8f9a59939660e5f6afa9b4f84a3b4651f
- SSDEEP: 49152:Zo5YlYTImfx46GfaAjZMzXCeOe4g/yWRiJxfOLA769jtYNESu4fg9Q/E:PlYTXu6GasAXTcg/y4iJU9jtMRg9Q8
- Score: 4/10

Target: Chloride Tweaks Ultimate 2.0.0/5 Other/Installers/BraveBrowserSetup-BRV010.exe
- Size: 1.2MB
- MD5: 686328fa484a6ccd03786051a3f11ab2
- SHA1: dd5b792db91938542add3dec55fd178e0055db01
- SHA256: 521cde826cf008839ef644148d1debcd85f416c9a5a6ab09dc2bd29cdf24be22
- SHA512: 1d080d87aca3e916f498a733eb795a10cde92e5dd5b95684954498bb7882f8d183ab3d8ff288b42e5eef3db10a59d945b483950ef27ff5dfd8a9f1cad306b509
- SSDEEP: 24576:0mar/04vlA7ENc55qBRwxrQTiEAJZe+zU9finc2NIk1VfD3VjS9F:gr//lA7EKXqBqrQNIe+zU9fQ5BFEF
- Signatures:
  - Boot or Logon Autostart Execution: Active Setup
    Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  - Downloads MZ/PE file
  - Event Triggered Execution: Image File Execution Options Injection
  - Checks computer location settings
    Looks up the country code configured in the registry, likely a geofence check.
  - Event Triggered Execution: Component Object Model Hijacking
    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

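The three persistence-related signatures on this task (Active Setup, Image File Execution Options injection, COM hijacking) are all registry-based, so the check a responder wants after an installer like this has run is a sweep of exactly those keys. The Python below is an added example, not code from the sandbox or from the Chloride Tweaks bundle: it parses a `reg export` text dump (the sample dump is constructed inline with made-up GUIDs, paths and values, none of them observed in this report) and flags Active Setup StubPath entries whose executable lives outside the Windows or Program Files trees, any IFEO Debugger value, and CLSID server registrations that are either in HKCU (where they take precedence over the HKLM registration of the same CLSID for a non-elevated process) or point into user-writable directories. Caveat: these signatures are behavioural heuristics, Active Setup and COM registration are also used by legitimate installers, and no score is shown for this target in the report, so a hit from this sweep is something to confirm on the host rather than a verdict.

```python
"""Sweep a `reg export` text dump for the three registry persistence
mechanisms flagged on the Brave installer task: Active Setup StubPath,
IFEO Debugger and COM CLSID server overrides.

Added example, not part of the sandbox report. The sample dump below is
constructed; its GUIDs, paths and values are illustrative only.
Only REG_SZ values are interpreted; dword:/hex: values stay raw text.
"""
import re
from typing import Dict, List, Tuple

# Constructed reg-export text (NOT from the report): one benign and one
# suspicious entry per mechanism.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
"StubPath"="C:\\Windows\\System32\\ie4uinit.exe -UserConfig"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{AAAAAAAA-1111-2222-3333-444444444444}]
"StubPath"="\"C:\\Users\\Public\\Libraries\\update.exe\" /silent"
"Version"="1,0,0,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"Debugger"="C:\\ProgramData\\helper.exe"

[HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32]
@="C:\\Windows\\System32\\shell32.dll"
"ThreadingModel"="Apartment"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32]
@="C:\\Users\\alice\\AppData\\Roaming\\shell.dll"
"ThreadingModel"="Apartment"
"""

# Directories a normal user cannot write to (assumed default install drive C:).
TRUSTED_PREFIXES = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
# Substrings that indicate a user-writable location for a COM server path.
USER_WRITABLE_HINTS = ("\\users\\", "\\programdata\\", "\\appdata\\", "\\temp\\")


def unescape(s: str) -> str:
    """reg export doubles backslashes and escapes quotes inside REG_SZ strings."""
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg_export(text: str) -> Dict[str, Dict[str, str]]:
    """Return {key_path: {value_name: value}}; '@' is the key's default value."""
    keys: Dict[str, Dict[str, str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys[current] = {}
            continue
        m = re.match(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
        if current is None or not m:
            continue
        name = "@" if m.group(1) == "@" else unescape(m.group(1)[1:-1])
        value = m.group(2)
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            value = unescape(value[1:-1])  # REG_SZ; other types stay raw
        keys[current][name] = value
    return keys


def exe_from_command(cmd: str) -> str:
    """Extract the executable from a command line, honouring a quoted path."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    return cmd.split(" ", 1)[0]


def find_persistence(keys: Dict[str, Dict[str, str]]) -> List[Tuple[str, str, str]]:
    """Return (mechanism, key_path, payload) for entries worth a second look."""
    findings: List[Tuple[str, str, str]] = []
    for key, values in keys.items():
        low = key.lower()
        if "\\active setup\\installed components\\" in low and "StubPath" in values:
            exe = exe_from_command(values["StubPath"]).lower()
            if not exe.startswith(TRUSTED_PREFIXES):
                findings.append(("active_setup", key, values["StubPath"]))
        elif "\\image file execution options\\" in low and "Debugger" in values:
            # Any Debugger value redirects launches of that image; review all.
            findings.append(("ifeo_debugger", key, values["Debugger"]))
        elif re.search(r"\\clsid\\\{[0-9a-f-]+\}\\(inprocserver32|localserver32)$", low) and "@" in values:
            server = values["@"]
            in_hkcu = low.startswith("hkey_current_user\\")
            if in_hkcu or any(h in server.lower() for h in USER_WRITABLE_HINTS):
                findings.append(("com_hijack", key, server))
    return findings


def triage(reg_text: str) -> List[Tuple[str, str, str]]:
    return find_persistence(parse_reg_export(reg_text))


if __name__ == "__main__":
    for mech, key, payload in triage(SAMPLE_REG):
        print(f"[{mech}] {key} -> {payload}")
```

On a live host, export the four hives with `reg export` (HKLM and HKCU Active Setup, HKLM IFEO, HKCU\Software\Classes\CLSID) and feed the concatenated text to `triage`; the benign ie4uinit and shell32 entries in the constructed dump show why path and hive, not key presence alone, decide what gets flagged.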
Target: Chloride Tweaks Ultimate 2.0.0/5 Other/Installers/Firefox Installer.exe
- Size: 326KB
- MD5: d60338c59ecaffe6f9f751b2bb9eafcf
- SHA1: 373e003b74b07a77a87e41e9b9ca0f32e39ae9a3
- SHA256: 972464b17879ccea70a7e9ecee522344c4866200c1d8a353a7e1d2bc82472246
- SHA512: 7c3e3f81d35bf847f85f381a5ddf5452b7fa58fb8619a6901274d87e0ef9cdb64542c6d62e38661d5b57323a62ed0cab2246e8884b2500cc631a7afc458b1754
- SSDEEP: 6144:PaVWdyzOxeA1DfdwX3MmIOgVLZGMcf9Vm0Sol+90Uv5RaWSck:PMROxdDfOnMmXgVV49E0Y97vLaWSN
- Signatures:
  - Executes dropped EXE
  - Loads dropped DLL

Target: Chloride Tweaks Ultimate 2.0.0/5 Other/Installers/winrar-x64-701.exe
- Size: 3.8MB
- MD5: 46c17c999744470b689331f41eab7df1
- SHA1: b8a63127df6a87d333061c622220d6d70ed80f7c
- SHA256: c5b5def1c8882b702b6b25cbd94461c737bc151366d2d9eba5006c04886bfc9a
- SHA512: 4b02a3e85b699f62df1b4fe752c4dee08cfabc9b8bb316bc39b854bd5187fc602943a95788ec680c7d3dc2c26ad882e69c0740294bd6cb3b32cdcd165a9441b6
- SSDEEP: 98304:6NRBOBfKgQIm9EOTqw8vjh9Ac9nUNupK4hVvcF+yHrAr:sR/gmeOqv7Ac9F0kB
- Score: 1/10
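Before reading anything into the per-target scores above, a practitioner holding a copy of the bundle wants to confirm it contains the same eight installers that were analysed. The Python below is an added example, not code from the sandbox or from the bundle: its SHA256 table is copied from the Targets section of this report, and it assumes the directory you pass in contains the "Chloride Tweaks Ultimate 2.0.0" folder with the same relative layout as the sample paths. It streams each file through md5/sha1/sha256 and reports match, MISMATCH or missing per path.

```python
"""Verify a local copy of the bundle against the per-target SHA256 values
in the sandbox report above.

Added example, not part of the report. REPORT_SHA256 copies the report's
SHA256 column; the on-disk layout is assumed to mirror the sample paths.
"""
import hashlib
import os
from typing import Dict, Optional

# SHA256 values copied from the Targets section of the report.
REPORT_SHA256 = {
    "Chloride Tweaks Ultimate 2.0.0/2 Tools/5 OOSU10.exe":
        "7335914d30d8ede5431c4ba32f56a79a397a6f38bfd44e90f62324f63afeda65",
    "Chloride Tweaks Ultimate 2.0.0/2 Tools/6 WPD.exe":
        "c21e9de5b28de8edfb6b2264b33846e842f7954ad70fa07b3c652feb5f0a09d7",
    "Chloride Tweaks Ultimate 2.0.0/3 Tweaks/3 GPU/Nvidia/1 Driver/!NVCleanstall.exe":
        "6d014bb417dc60c89eca14099719241895b003f1010f1b2babd2a1ff731e2c34",
    "Chloride Tweaks Ultimate 2.0.0/3 Tweaks/3 GPU/Nvidia/2 Nvidia Settings/!NvidiaProfileInspector.exe":
        "dc784bd1acd222567fc1cef4a2e29d0ad10ba880c9ad5202687aadfc5bf5d9ef",
    "Chloride Tweaks Ultimate 2.0.0/3 Tweaks/6 Proccess Lasso/processlassosetup64.exe":
        "7247a6e2873021dc5b8bf50862e8b0e703b1fac27f2bf78d81e1753d7057d2d8",
    "Chloride Tweaks Ultimate 2.0.0/5 Other/Installers/BraveBrowserSetup-BRV010.exe":
        "521cde826cf008839ef644148d1debcd85f416c9a5a6ab09dc2bd29cdf24be22",
    "Chloride Tweaks Ultimate 2.0.0/5 Other/Installers/Firefox Installer.exe":
        "972464b17879ccea70a7e9ecee522344c4866200c1d8a353a7e1d2bc82472246",
    "Chloride Tweaks Ultimate 2.0.0/5 Other/Installers/winrar-x64-701.exe":
        "c5b5def1c8882b702b6b25cbd94461c737bc151366d2d9eba5006c04886bfc9a",
}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """md5/sha1/sha256 hex digests of an in-memory blob (small files, tests)."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def hash_file(path: str, chunk: int = 1 << 20) -> Dict[str, str]:
    """Stream a file through md5/sha1/sha256 in 1 MiB chunks (installers are large)."""
    hs = {"md5": hashlib.md5(), "sha1": hashlib.sha1(), "sha256": hashlib.sha256()}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hs.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hs.items()}


def classify(observed_sha256: Optional[str], expected_sha256: str) -> str:
    """Compare one observed digest with the report's value."""
    if observed_sha256 is None:
        return "missing"
    return "match" if observed_sha256.lower() == expected_sha256.lower() else "MISMATCH"


def verify_tree(root: str, report: Dict[str, str] = REPORT_SHA256) -> Dict[str, str]:
    """Map each report path to match / MISMATCH / missing, resolved under root.

    root is the directory that contains the 'Chloride Tweaks Ultimate 2.0.0'
    folder; report paths use '/' and are split into OS path components."""
    results: Dict[str, str] = {}
    for rel, expected in report.items():
        full = os.path.join(root, *rel.split("/"))
        observed = hash_file(full)["sha256"] if os.path.isfile(full) else None
        results[rel] = classify(observed, expected)
    return results


if __name__ == "__main__":
    import sys
    root_dir = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, status in verify_tree(root_dir).items():
        print(f"{status:9} {rel}")
```

Run it as `python verify_bundle.py <dir>`. A MISMATCH means the file on disk is not the one analysed, so the score and signatures listed for that path do not apply to it; the report carries no vendor-published hashes, so checking that a matching file is also the genuine vendor build is a separate step.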
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Active Setup (1)
- Event Triggered Execution (2)
  - Component Object Model Hijacking (1)
  - Image File Execution Options Injection (1)
Privilege Escalation
- Boot or Logon Autostart Execution (1)
  - Active Setup (1)
- Event Triggered Execution (2)
  - Component Object Model Hijacking (1)
  - Image File Execution Options Injection (1)
Credential Access
- Credentials from Password Stores (1)
  - Credentials from Web Browsers (1)
- Unsecured Credentials (1)
  - Credentials In Files (1)