General
-
Target
2267fac6e4bcace94d9ed232cc4ba7e128424e80c5730ea38f23610c11bdc168
-
Size
1.3MB
-
Sample
230104-xy925scg6z
-
MD5
085d7d21c6ff8b6f77780c4f26625c11
-
SHA1
0a8d4223d443bfa522d5e6d7b3da24a06cd6dcf8
-
SHA256
2267fac6e4bcace94d9ed232cc4ba7e128424e80c5730ea38f23610c11bdc168
-
SHA512
f04adc279b1a89639cdd133b0da2392228c574dacb03a8c632a74f58086748ead01491d2b6566d2a51c458af02354db6e9e7a361014dc502d55fb416d24421c4
-
SSDEEP
12288:fFv7opISOM5xl4RAkDf5rN1uhleQI/LiLXjnUf8T6sIAFXCssNtk2o+Ah2RDDt+b:9LArlx3YF1ScCy1gOfLcJda5u3D5
Malware Config
Targets
-
-
Target
2267fac6e4bcace94d9ed232cc4ba7e128424e80c5730ea38f23610c11bdc168
-
Size
1.3MB
-
MD5
085d7d21c6ff8b6f77780c4f26625c11
-
SHA1
0a8d4223d443bfa522d5e6d7b3da24a06cd6dcf8
-
SHA256
2267fac6e4bcace94d9ed232cc4ba7e128424e80c5730ea38f23610c11bdc168
-
SHA512
f04adc279b1a89639cdd133b0da2392228c574dacb03a8c632a74f58086748ead01491d2b6566d2a51c458af02354db6e9e7a361014dc502d55fb416d24421c4
-
SSDEEP
12288:fFv7opISOM5xl4RAkDf5rN1uhleQI/LiLXjnUf8T6sIAFXCssNtk2o+Ah2RDDt+b:9LArlx3YF1ScCy1gOfLcJda5u3D5
Score10/10-
Detects LgoogLoader payload
-
LgoogLoader
A downloader capable of dropping and executing other malware families.
-
Sets service image path in registry
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-