Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    1.4MB

  • Sample

    230423-n1qa3sdb56

  • MD5

    057c27ecf07560cbf002916f5e97710f

  • SHA1

    be27d5c8f0aaf8246d713ec6894a2730f4a72634

  • SHA256

    5fb99869ee44ab33e1aad8b548c6defc0c22c3fd34686c4a61b3ca5a743a1703

  • SHA512

    7c91eddfe3d432a8746a6abdb84c7087f46fec6a1bb16a4315cce1c6ea808cadf4a91cc7b25595cdbce52e3b353bfcedb5d4acfa4f57ceb50bcdcc6b178fe3b3

  • SSDEEP

    12288:kkowyx1lRDS5ay92o3etRsFJHURCdWaTaAd++U6CQsKQ8A3Y2ZKQ7bYBSZMkG57X:IWar8UPKG0BKnkcdhu2KvjH

Score
10/10
lgoogloaderdownloaderpersistence

Malware Config

Targets

    • Target

      file.exe

    • Size

      1.4MB

    • MD5

      057c27ecf07560cbf002916f5e97710f

    • SHA1

      be27d5c8f0aaf8246d713ec6894a2730f4a72634

    • SHA256

      5fb99869ee44ab33e1aad8b548c6defc0c22c3fd34686c4a61b3ca5a743a1703

    • SHA512

      7c91eddfe3d432a8746a6abdb84c7087f46fec6a1bb16a4315cce1c6ea808cadf4a91cc7b25595cdbce52e3b353bfcedb5d4acfa4f57ceb50bcdcc6b178fe3b3

    • SSDEEP

      12288:kkowyx1lRDS5ay92o3etRsFJHURCdWaTaAd++U6CQsKQ8A3Y2ZKQ7bYBSZMkG57X:IWar8UPKG0BKnkcdhu2KvjH

    Score
    10/10
    lgoogloaderdownloaderpersistence

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

      downloaderlgoogloader

    • Sets service image path in registry

      persistence

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks