General

Target: 197cc0b311afc440dd150387e68bf49f.exe
Size: 485KB
Sample: 221125-jftesaeh2y
MD5: 197cc0b311afc440dd150387e68bf49f
SHA1: 78434666b854de78dfbfb253e66644865d324586
SHA256: d0f5a3be9ab80e06600ffcb13d897f325b7c8737b895223b3b7e03ecc79abbca
SHA512: 93e805b0956a69a2f9bcabd059bafef689a82aa8654a71bf56d9834db9a5d1904aca34178e02b47f85b6bbac3b4430209dc989071e50c1d63c152daeb5052fed
SSDEEP: 6144:up65pkrxfUvq1uWsCbIG3p2NtIzCuAsTF5nCLggt6wVsp03cPqfXETRaLP5bhxJ:vs+DNCMG5WIzCETqLgm6RyPETYRfq
Static task: static1

Behavioral task: behavioral1
  Sample: 197cc0b311afc440dd150387e68bf49f.exe
  Resource: win7-20220812-en

Behavioral task: behavioral2
  Sample: 197cc0b311afc440dd150387e68bf49f.exe
  Resource: win10v2004-20220901-en
Malware Config

Targets

Target: 197cc0b311afc440dd150387e68bf49f.exe
Size: 485KB
MD5: 197cc0b311afc440dd150387e68bf49f
SHA1: 78434666b854de78dfbfb253e66644865d324586
SHA256: d0f5a3be9ab80e06600ffcb13d897f325b7c8737b895223b3b7e03ecc79abbca
SHA512: 93e805b0956a69a2f9bcabd059bafef689a82aa8654a71bf56d9834db9a5d1904aca34178e02b47f85b6bbac3b4430209dc989071e50c1d63c152daeb5052fed
SSDEEP: 6144:up65pkrxfUvq1uWsCbIG3p2NtIzCuAsTF5nCLggt6wVsp03cPqfXETRaLP5bhxJ:vs+DNCMG5WIzCETqLgm6RyPETYRfq
Score: 10/10

- Detects LgoogLoader payload
- LgoogLoader: a downloader capable of dropping and executing other malware families.
- Sets service image path in registry (writes the ImagePath of a service key, a persistence mechanism: the binary runs as a service at boot).
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence so the sample stays dormant in excluded regions.
- Suspicious use of SetThreadContext (the pattern seen in process hollowing: a child is started suspended, a payload is written into it, its thread context is redirected to the payload, then the thread is resumed).
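The three behavioural signatures above, replayed over a small constructed API/registry trace, as an added example that is not the sandbox's own signature code. The trace format ("pid|api|arg1|arg2"), the service name UpdSvc and the payload path are assumptions made for the example; the registry paths are the usual ones behind these signatures (a Services\<name>\ImagePath write, and the Control Panel\International\Geo\Nation value that Windows uses for the configured country).

```python
"""Replay of the behavioural signatures listed in this report.

Added example: this is not the sandbox's own signature code. It scans a
small constructed API/registry trace (format "pid|api|arg1|arg2", an
assumption; real sandboxes emit structured JSON) and flags the three
behaviours the report names. The registry paths are the usual ones behind
these signatures: a Services\\<name>\\ImagePath write for the service
signature and the Control Panel\\International\\Geo\\Nation value for the
location check.
"""
import re
from collections import defaultdict

# Constructed trace, not real sandbox output. Hypothetical service name and
# payload path. Line format: pid|api|arg1|arg2 (assumption).
TRACE = """\
1234|CreateProcessW|C:\\Windows\\System32\\svchost.exe|CREATE_SUSPENDED
1234|RegQueryValueExW|HKEY_CURRENT_USER\\Control Panel\\International\\Geo\\Nation
1234|NtUnmapViewOfSection|5678
1234|WriteProcessMemory|5678
1234|SetThreadContext|5678
1234|NtResumeThread|5678
1234|RegSetValueExW|HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\UpdSvc\\ImagePath|C:\\ProgramData\\updsvc.exe
"""

SERVICE_IMAGEPATH = re.compile(r"\\services\\[^\\]+\\imagepath$", re.IGNORECASE)
GEO_NATION = re.compile(r"\\control panel\\international\\geo\\nation$", re.IGNORECASE)
RESUME_APIS = {"NtResumeThread", "ResumeThread"}

SIG_SERVICE = "Sets service image path in registry"
SIG_GEO = "Checks computer location settings"
SIG_CONTEXT = "Suspicious use of SetThreadContext"


def parse_trace(trace):
    """Parse pid|api|args... lines into dicts; blank lines are skipped."""
    events = []
    for line in trace.splitlines():
        if not line.strip():
            continue
        pid, api, *args = line.split("|")
        events.append({"pid": pid, "api": api, "args": args})
    return events


def match_signatures(trace):
    """Return {signature name: [evidence strings]} for the signatures that fired."""
    events = parse_trace(trace)
    hits = defaultdict(list)
    by_pid = defaultdict(list)
    for e in events:
        by_pid[e["pid"]].append(e)
        target = e["args"][0] if e["args"] else ""
        if e["api"] == "RegSetValueExW" and SERVICE_IMAGEPATH.search(target):
            data = e["args"][1] if len(e["args"]) > 1 else "?"
            hits[SIG_SERVICE].append(f"{target} = {data}")
        elif e["api"] == "RegQueryValueExW" and GEO_NATION.search(target):
            hits[SIG_GEO].append(target)

    # SetThreadContext is benign on its own (debuggers use it); what makes it
    # suspicious is the hollowing pattern: suspended child, memory written,
    # entry point redirected via the thread context, then the thread resumed.
    for pid, evs in by_pid.items():
        apis = [e["api"] for e in evs]
        if "SetThreadContext" not in apis:
            continue
        s = apis.index("SetThreadContext")
        suspended = any(e["api"].startswith("CreateProcess") and "CREATE_SUSPENDED" in e["args"]
                        for e in evs[:s])
        wrote = "WriteProcessMemory" in apis[:s]
        resumed = any(a in RESUME_APIS for a in apis[s + 1:])
        if wrote and resumed:
            note = "process hollowing sequence" + (" on a suspended child" if suspended else "")
        else:
            note = "SetThreadContext without the full hollowing sequence"
        hits[SIG_CONTEXT].append(f"pid {pid}: {note}")
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in match_signatures(TRACE).items():
        print(name)
        for line in evidence:
            print("   ", line)
```

Running the block prints the three signature names with their evidence. The SetThreadContext rule deliberately reports the call even without the surrounding write-and-resume sequence, but marks it as such, because a bare SetThreadContext is also what a debugger or a legitimate thread-hijack-free tool produces; the write plus resume on a suspended child is what justifies the report's verdict.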