lgoogloader | 15c89a10e96169aeb316f992ca02afc8276f4816b8298d723a552ec4bd455186 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15c89a10e96169aeb316f992ca02afc8276f4816b8298d723a552ec4bd455186
Size

1.3MB
Sample

221231-bplsasgh86
MD5

4bdbe27837ed9c29864c2139e7b70459
SHA1

648de84ed4d511eb32b15e71f1d68007f388f21f
SHA256

15c89a10e96169aeb316f992ca02afc8276f4816b8298d723a552ec4bd455186
SHA512

59fbb92fa9755eff439148a9bf081961895d1d5b8a2aa43c7f4e3ba4aff8d85096183e58aec971524063892cbc3ac06a00e249c99ec8dcc2d71c0114d821197d
SSDEEP

12288:ZMcn9pikkWne6157Bmk5wyH2RzeMkoMes3FmX7C5JunNHthUg2Pg02qQ6kiaIZRe:ZBwuT7iqjrFg4ulk7glDrZAIxmP7rmp

Score

10^/10

lgoogloader downloader persistence

Malware Config

Targets

- Target
  
  15c89a10e96169aeb316f992ca02afc8276f4816b8298d723a552ec4bd455186
- Size
  
  1.3MB
- MD5
  
  4bdbe27837ed9c29864c2139e7b70459
- SHA1
  
  648de84ed4d511eb32b15e71f1d68007f388f21f
- SHA256
  
  15c89a10e96169aeb316f992ca02afc8276f4816b8298d723a552ec4bd455186
- SHA512
  
  59fbb92fa9755eff439148a9bf081961895d1d5b8a2aa43c7f4e3ba4aff8d85096183e58aec971524063892cbc3ac06a00e249c99ec8dcc2d71c0114d821197d
- SSDEEP
  
  12288:ZMcn9pikkWne6157Bmk5wyH2RzeMkoMes3FmX7C5JunNHthUg2Pg02qQ6kiaIZRe:ZBwuT7iqjrFg4ulk7glDrZAIxmP7rmp
Score

10^/10

lgoogloader downloader persistence
- Detects LgoogLoader payload
- LgoogLoader
  A downloader capable of dropping and executing other malware families.
  downloader lgoogloader
- Sets service image path in registry
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lgoogloaderdownloaderpersistence