General
-
Target
c6135818ddc5d31afa68f42f21e1da3e19f879096298ccb84f68803847235004
-
Size
695KB
-
Sample
230115-kch1bagb9v
-
MD5
928fa3e8a43ce4f32e5cb5f469a4981f
-
SHA1
742c4185e8ef6a8a70b320927d0dbc13a33a7c6f
-
SHA256
c6135818ddc5d31afa68f42f21e1da3e19f879096298ccb84f68803847235004
-
SHA512
c625374d344ef3c607659e5a4eb0d2978e6d030d25310cc9c9ed4aa249ef9adcf50a2053035c94daa750c8ddef044208c2425e01fe759662c32eff9140e9513c
-
SSDEEP
12288:8HbpxW0j2LnZvxo1IB5DiQqyGF3S064Fd+smJjMHGT/Ksq/KsK/Ksu:8HbpxW0j2LnboqiV3p/FEZjX7iC+
Malware Config
Targets
-
-
Target
c6135818ddc5d31afa68f42f21e1da3e19f879096298ccb84f68803847235004
-
Size
695KB
-
MD5
928fa3e8a43ce4f32e5cb5f469a4981f
-
SHA1
742c4185e8ef6a8a70b320927d0dbc13a33a7c6f
-
SHA256
c6135818ddc5d31afa68f42f21e1da3e19f879096298ccb84f68803847235004
-
SHA512
c625374d344ef3c607659e5a4eb0d2978e6d030d25310cc9c9ed4aa249ef9adcf50a2053035c94daa750c8ddef044208c2425e01fe759662c32eff9140e9513c
-
SSDEEP
12288:8HbpxW0j2LnZvxo1IB5DiQqyGF3S064Fd+smJjMHGT/Ksq/KsK/Ksu:8HbpxW0j2LnboqiV3p/FEZjX7iC+
Score10/10-
Detects LgoogLoader payload
-
LgoogLoader
A downloader capable of dropping and executing other malware families.
-
Sets service image path in registry
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-