General
-
Target
2aef15cea5fdcc9628588d7dfc6381fb.exe
-
Size
1.5MB
-
Sample
221230-ssg2ysbb2x
-
MD5
2aef15cea5fdcc9628588d7dfc6381fb
-
SHA1
a877a0668967b4ff12fe567c9021d54a8542f565
-
SHA256
d0dcf56a1d4cdd036f873875f4baa5052ab8084178496a72fe4c4c8c404c4071
-
SHA512
dcb21aba89b4df0da0da58f5729482864efff076fba6d3d7af638f0be6b73e3c11000e61498c73e672fc0f77bce7f6af9f851120319a59b37cfda13109d7b706
-
SSDEEP
12288:O7RK/BxxSNTtzl/R7TTNTHjw1dC0w71WtQztt1cMsPMN0nJtHb6MUdjwyZt/bJ+c:/IBjjcz3ROp7eyahyTYKj
Malware Config
Targets
-
-
Target
2aef15cea5fdcc9628588d7dfc6381fb.exe
-
Size
1.5MB
-
MD5
2aef15cea5fdcc9628588d7dfc6381fb
-
SHA1
a877a0668967b4ff12fe567c9021d54a8542f565
-
SHA256
d0dcf56a1d4cdd036f873875f4baa5052ab8084178496a72fe4c4c8c404c4071
-
SHA512
dcb21aba89b4df0da0da58f5729482864efff076fba6d3d7af638f0be6b73e3c11000e61498c73e672fc0f77bce7f6af9f851120319a59b37cfda13109d7b706
-
SSDEEP
12288:O7RK/BxxSNTtzl/R7TTNTHjw1dC0w71WtQztt1cMsPMN0nJtHb6MUdjwyZt/bJ+c:/IBjjcz3ROp7eyahyTYKj
Score10/10-
Detects LgoogLoader payload
-
LgoogLoader
A downloader capable of dropping and executing other malware families.
-
UAC bypass
-
Windows security bypass
-
Sets service image path in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Windows security modification
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-