lgoogloader | 57a58ba29a3ed07f244f57276d1d265c9ab1aee6d9ac6f1d84b24c6561fef589 | Triage

Sharing

General

Target

57a58ba29a3ed07f244f57276d1d265c9ab1aee6d9ac6f1d84b24c6561fef589
Size

566KB
Sample

230516-p8n9eshh8w
MD5

c56622a2e329adf8167d71814e8c92a4
SHA1

e02cf71f24e10383b526181f86591a041b1adeb6
SHA256

57a58ba29a3ed07f244f57276d1d265c9ab1aee6d9ac6f1d84b24c6561fef589
SHA512

70dc0ffba336ef2e77e1bbdcd278577b40e8f0d4aacac905dbd670c5dfa67e04f7707345bbecb2fedf103be9315302e09864175f4a361b95ee5ca9ce8edf0b24
SSDEEP

12288:agkutuPWb+52ms4yzpebC7LLwpEX/Yxx6EzgbBQS5O+w2q1ACirGzCnDPdvV:faF5XslzkO7/IE2QJVQS5O+w2q1ACirj

Score

10^/10

lgoogloader downloader persistence

Malware Config

Targets

- Target
  
  57a58ba29a3ed07f244f57276d1d265c9ab1aee6d9ac6f1d84b24c6561fef589
- Size
  
  566KB
- MD5
  
  c56622a2e329adf8167d71814e8c92a4
- SHA1
  
  e02cf71f24e10383b526181f86591a041b1adeb6
- SHA256
  
  57a58ba29a3ed07f244f57276d1d265c9ab1aee6d9ac6f1d84b24c6561fef589
- SHA512
  
  70dc0ffba336ef2e77e1bbdcd278577b40e8f0d4aacac905dbd670c5dfa67e04f7707345bbecb2fedf103be9315302e09864175f4a361b95ee5ca9ce8edf0b24
- SSDEEP
  
  12288:agkutuPWb+52ms4yzpebC7LLwpEX/Yxx6EzgbBQS5O+w2q1ACirGzCnDPdvV:faF5XslzkO7/IE2QJVQS5O+w2q1ACirj
Score

10^/10

lgoogloader downloader persistence
- Detects LgoogLoader payload
- LgoogLoader
  A downloader capable of dropping and executing other malware families.
  downloader lgoogloader
- Sets service image path in registry
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lgoogloaderdownloaderpersistence