General
-
Target
022b13591392ab767062cd3b9250bc02dc9ec7e7852c613d84373b1d192beece.zip
-
Size
415KB
-
Sample
230112-rap46sgb84
-
MD5
cf725aeb3d733e3adfa5adfc659dd271
-
SHA1
6118997f21281437a3c14b03f1d828cd45e220f2
-
SHA256
7f99e0f9c885b1ffc4a21cbcf02e4f3af09e3982397d560e95c9a79d1a75face
-
SHA512
95b9a004378a11c853968f720e4fdfd1b158ed0cde1b5b95f75cfb1fabaa1d1341505236745d206d50f110a07575c879e60eedec69ae97b36361646739576588
-
SSDEEP
6144:RehW2NCVhPp8xInNB/g+H2UIRsUycw3f7D2XywbYNEhZfa7HrGhHsMKt53CX6ocE:gWYW8mn7g+H2UIRsUwvnuyqfsGiCQq
Malware Config
Targets
-
-
Target
022b13591392ab767062cd3b9250bc02dc9ec7e7852c613d84373b1d192beece
-
Size
483KB
-
MD5
d1ebe12d5468beb014f3166bf5a8e95d
-
SHA1
862cd6b7fc51995d52ba2687f690c0c14cb634c8
-
SHA256
022b13591392ab767062cd3b9250bc02dc9ec7e7852c613d84373b1d192beece
-
SHA512
a610a88446f9e4f90a6cff9e5d3fc158d5865565a6fd402b4b35920ac23d9de5113ceff6a1975c0d23e1184ce18f616fe27cb68b75ca0d33d0116d544e19d774
-
SSDEEP
12288:56e8Zdtnm7dDjqOyC+M+Dj2iLQY6CZcxdincr1CChPQXY:5x8Z+Zn4C+MCf6txdinsbPQo
Score10/10-
Detects LgoogLoader payload
-
LgoogLoader
A downloader capable of dropping and executing other malware families.
-
UAC bypass
-
Windows security bypass
-
Sets service image path in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Windows security modification
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-