General
Target: file.exe
Size: 510KB
Sample: 230116-vtpjjaad25
MD5: ff0ac8d6c0a5990dd442f677315e6c4b
SHA1: 4358324f102afd639d6b1ec92521b37f31ca5d1c
SHA256: eb5ec9cf758bd526db090f9290d323201911b4181c3bfeb3ebd1f1af8be19285
SHA512: 47b93db0d6f90bd4805508663353472709fe53d5397834eadd5ee2feb4a2c2d59f57cf929ac8039f4ea07a2303d880f98806f4d7aade7cee700ff48f3ecf91ae
SSDEEP: 12288:ytFk7iHlOP8nFr/AuvlNn7N9Opxb6VelFxgcdM:EHlTn5Bv2begS
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Target: file.exe
Score: 10/10
Detects LgoogLoader payload
LgoogLoader: A downloader capable of dropping and executing other malware families.
Sets service image path in registry
Uses the VBS compiler for execution
Suspicious use of SetThreadContext