lgoogloader | 6be56dd56ec252564c301fef4f5358ec3be73204292e12ec3dc9bf1cf82da0f8 | Triage

Sharing

General

Target

2267fac6e4bcace94d9ed232cc4ba7e128424e80c5730ea38f23610c11bdc168.zip
Size

645KB
Sample

230105-3q7vpsdf58
MD5

b5041a84e558a00f7d2dcb43fd2ce388
SHA1

861dc6334beff257034afa35b84fda176946bedc
SHA256

6be56dd56ec252564c301fef4f5358ec3be73204292e12ec3dc9bf1cf82da0f8
SHA512

db078a9058d6d13ce2102fc4947504ad5e739c2518150f4403e3a1c253cc7ca406ff8f2bbf87edb0f70726eaaf48195402459b4c88eb99dd0977f03b8f4febcb
SSDEEP

12288:/J6TFQrRcqA6ihOVwX7wCoYWzt62DYGW7gvD9tlX3W4OSMy11TPKN3xoC:/JO2rRcGGDolh6oYvuDXtMyLPE

Score

10^/10

lgoogloader downloader persistence

Malware Config

Targets

- Target
  
  2267fac6e4bcace94d9ed232cc4ba7e128424e80c5730ea38f23610c11bdc168.exe
- Size
  
  1.3MB
- MD5
  
  085d7d21c6ff8b6f77780c4f26625c11
- SHA1
  
  0a8d4223d443bfa522d5e6d7b3da24a06cd6dcf8
- SHA256
  
  2267fac6e4bcace94d9ed232cc4ba7e128424e80c5730ea38f23610c11bdc168
- SHA512
  
  f04adc279b1a89639cdd133b0da2392228c574dacb03a8c632a74f58086748ead01491d2b6566d2a51c458af02354db6e9e7a361014dc502d55fb416d24421c4
- SSDEEP
  
  12288:fFv7opISOM5xl4RAkDf5rN1uhleQI/LiLXjnUf8T6sIAFXCssNtk2o+Ah2RDDt+b:9LArlx3YF1ScCy1gOfLcJda5u3D5
Score

10^/10

lgoogloader downloader persistence
- Detects LgoogLoader payload
- LgoogLoader
  A downloader capable of dropping and executing other malware families.
  downloader lgoogloader
- Sets service image path in registry
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lgoogloaderdownloaderpersistence

behavioral2

lgoogloaderdownloaderpersistence