lgoogloader | 74dd202c4fd5ba9557ec1dfef784238d48e0ec2a4465f814682a6bf293fdb86e | Triage

Sharing

General

Target

74dd202c4fd5ba9557ec1dfef784238d48e0ec2a4465f814682a6bf293fdb86e
Size

1.4MB
Sample

230119-xbktqsdg9x
MD5

491c30cb0deab77140b006a43ed38a01
SHA1

dcfd72ad2464be66218920b86ca1a0770937af39
SHA256

74dd202c4fd5ba9557ec1dfef784238d48e0ec2a4465f814682a6bf293fdb86e
SHA512

51445dafba0a641aae5716f78b39b67336ebb338eeb1e1b89d5a377b5918b9826aa6f434fe916e05ed597cffa9a5549c097648346f14748bca5e3bc3bab3fd50
SSDEEP

24576:pP+32aj8BcxaSiMiMhTbM2nhudWg1pE+gRCMYRpOtg99:pm326xaK9ZbM2dgOyn/

Score

10^/10

lgoogloader downloader persistence

Malware Config

Targets

- Target
  
  74dd202c4fd5ba9557ec1dfef784238d48e0ec2a4465f814682a6bf293fdb86e
- Size
  
  1.4MB
- MD5
  
  491c30cb0deab77140b006a43ed38a01
- SHA1
  
  dcfd72ad2464be66218920b86ca1a0770937af39
- SHA256
  
  74dd202c4fd5ba9557ec1dfef784238d48e0ec2a4465f814682a6bf293fdb86e
- SHA512
  
  51445dafba0a641aae5716f78b39b67336ebb338eeb1e1b89d5a377b5918b9826aa6f434fe916e05ed597cffa9a5549c097648346f14748bca5e3bc3bab3fd50
- SSDEEP
  
  24576:pP+32aj8BcxaSiMiMhTbM2nhudWg1pE+gRCMYRpOtg99:pm326xaK9ZbM2dgOyn/
Score

10^/10

lgoogloader downloader persistence
- Detects LgoogLoader payload
- LgoogLoader
  A downloader capable of dropping and executing other malware families.
  downloader lgoogloader
- Sets service image path in registry
  persistence
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lgoogloaderdownloaderpersistence