Overview

overview

10

Static

static

1

Chromestup插件.msi

windows7-x64

10

Chromestup插件.msi

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Chromestup插件.msi

  • Size

    13.4MB

  • Sample

    250315-hqzh4szrt9

  • MD5

    a476065df4bcac42aad4f3eeab3545b4

  • SHA1

    4b60df157d79c4863a8065e149ec6e447d1a3342

  • SHA256

    32cf48d0ef7ac450c80fcc9fb9ec28af88370298c36547d2a94ff882b12500ae

  • SHA512

    0d5a5e298b145d61f17b6c3376011706535e3441f6b9c2346e67db4ce762fcbbb3da072d98f7bebc5f31885000cc0661951632508784ed7feeb61ff6c0597e95

  • SSDEEP

    393216:pBfMDbMkh0n28RmwRRenYtpBRW9AxGq5azUUEC5:vMNSSnsjRaKDGEC5

Score
10/10
blackmoonfatalratbankerdiscoveryinfostealerpersistenceprivilege_escalationratstealertrojanvmprotect

Malware Config

Targets

    • Target

      Chromestup插件.msi

    • Size

      13.4MB

    • MD5

      a476065df4bcac42aad4f3eeab3545b4

    • SHA1

      4b60df157d79c4863a8065e149ec6e447d1a3342

    • SHA256

      32cf48d0ef7ac450c80fcc9fb9ec28af88370298c36547d2a94ff882b12500ae

    • SHA512

      0d5a5e298b145d61f17b6c3376011706535e3441f6b9c2346e67db4ce762fcbbb3da072d98f7bebc5f31885000cc0661951632508784ed7feeb61ff6c0597e95

    • SSDEEP

      393216:pBfMDbMkh0n28RmwRRenYtpBRW9AxGq5azUUEC5:vMNSSnsjRaKDGEC5

    Score
    10/10
    blackmoonfatalratbankerdiscoveryinfostealerpersistenceprivilege_escalationratstealertrojanvmprotect

    • Blackmoon family

      blackmoon

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      stealertrojanfatalrat

    • Fatalrat family

      fatalrat

    • Fatal Rat payload

      ratinfostealer

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks