Overview

overview

10

Static

static

file.exe

windows7-x64

6

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    1.1MB

  • Sample

    221124-jybbxsdc7z

  • MD5

    2ad4efa6bd88630d2a3a61b1898cd62f

  • SHA1

    e5b869841b26fbb54b9e94668b3017face715581

  • SHA256

    314410dacd8226075671d108c091e8dcf6f24156b10b430e81e25891d750d68d

  • SHA512

    2df531a6634c0ecd3448b5369507b2f9735f651cfd932ec13140521154bcdbaaf03d76f82fc6e61cec669ab58cc06ef04d349f9b2a2c604a00eeeaf59e6b413c

  • SSDEEP

    24576:X9ERWaeW0rxk6fIAkiWOurxoETjpoLIrDoS:X9EwW8xkVQvuloETjGLIrDoS

Score
10/10
lgoogloaderdownloaderpersistence

Malware Config

Targets

    • Target

      file.exe

    • Size

      1.1MB

    • MD5

      2ad4efa6bd88630d2a3a61b1898cd62f

    • SHA1

      e5b869841b26fbb54b9e94668b3017face715581

    • SHA256

      314410dacd8226075671d108c091e8dcf6f24156b10b430e81e25891d750d68d

    • SHA512

      2df531a6634c0ecd3448b5369507b2f9735f651cfd932ec13140521154bcdbaaf03d76f82fc6e61cec669ab58cc06ef04d349f9b2a2c604a00eeeaf59e6b413c

    • SSDEEP

      24576:X9ERWaeW0rxk6fIAkiWOurxoETjpoLIrDoS:X9EwW8xkVQvuloETjGLIrDoS

    Score
    10/10
    persistencelgoogloaderdownloader

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

      downloaderlgoogloader

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

1
T1059

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Remote System Discovery

1
T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks